CVE-2026-20069

A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This...

CVE-2026-20069 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability

A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This...

CVE-2023-40518

LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers...

CVE-2025-20393

A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due...

EUVD-2011-0004

Malware in sbrugna...

EUVD-2019-2537

Malware in sbrugna...

EUVD-2017-14369

Malware in sbrugna...

EUVD-2022-1439

Malicious code in bioql PyPI...

CVE-2023-33476

ReadyMedia MiniDLNA versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the...

CVE-2011-4883

The web server in Certec atvise webMI2ADS aka webMI before 2.0.2 does not properly validate values in HTTP requests, which allows remote attackers to cause a denial of service resource consumption via a crafted request...

ROS-20250417-06

Vulnerability in moodle virtual learning environment is related to insufficient validation of HTTP request source in the confirmedsesskey. Exploitation of the vulnerability could allow an attacker acting remotely to perform Cross-site request forgery attacks...

PT-2024-30411 · Gradio · Gradio

Name of the Vulnerable Software and Affected Versions: gradio-app/gradio version 4.21.0 Description: A Server-Side Request Forgery SSRF vulnerability exists, specifically within the "/queue/join" endpoint and the save url to cache function. The vulnerability arises when the path value, obtained...

PT-2023-9658 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco Unified Threat Defense UTD Snort Intrusion Prevention System IPS Engine for Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Cisco UTD Snort IPS Engine could allow an unauthenticated, remote...

CVE-2023-20232

A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to cause a web cache poisoning attack on an affected device. This vulnerability is due to improper input validation of HTTP requests. An attacker could...

Denial Of Service (DoS)

froxlor/froxlor is vulnerable to Denial Of Service DoS. The vulnerability exists because of a lack of HTTP request validation in the rate-limiting functionality during a password reset, which allows an attacker to crash the application...

CVE-2023-1124 Shopping Cart & eCommerce Store < 5.4.3 - Admin+ LFI

The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks...

Denial Of Service (DoS)

typo3 is vulnerable to Denial Of Service DoS. The vulnerability exists due to the lack of http request validation in the PageContentErrorHandler.php which allows an attacker to cause an application crash...

CVE-2022-45149

A vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL. A user's CSRF token was unnecessarily included in the URL when being redirected to a course they have just restored. A remote attacker can trick the victim to visit a...

Code injection

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to delete arbitrary files from an affected system. This...

Fix of CVE: CVE-2020-8450, CVE-2020-8517, CVE-2020-8449

CVE-2020-8449: fix improper HTTP request validation allowing access to resources which are prohibited by security filters - CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow - CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer and leading to...