Lucene search
K

3631 matches found

Nuclei
Nuclei
added 12 hours ago364 views

Qlik Sense Enterprise - HTTP Request Smuggling

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...

9.9CVSS7.4AI score0.84967EPSS
Exploits0References5
EUVD
EUVD
added yesterday11 views

EUVD-2026-33941

mint: Content-Length header accepts non-RFC "+" sign prefix...

6.3CVSS5.9AI score0.00301EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 4 days ago8 views

Siemens SENTRON 7KT PAC1261 HTTP Request/Response Smuggling (CVE-2025-22871)

The Go net/http package incorrectly treats a bare line feed LF as a valid line terminator in chunked transfer data. This flaw can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as a line terminator. This plugin only works with...

9.1CVSS6.8AI score0.00724EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 10:16 p.m.7 views

CVE-2026-11541

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability...

9.8CVSS0.00418EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/30 1:42 a.m.9 views

SUSE CVE-2026-58055

nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and Connection headers while passing Content-Length verbatim. A backend that resolves the resulting...

5.4CVSS5.8AI score0.00202EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-53990

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5 IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 26.0.0.6 Description An HTTP request smuggling issue exists, which occurs when there...

9.8CVSS6AI score0.00418EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 3:40 p.m.4 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled IBM WebSphere Remote Server, are affected by HTTP request smuggling (CVE-2026-11541)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...

9.8CVSS5.8AI score0.00418EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/29 5:42 a.m.2 views

SUSE-SU-2026:2670-1 Security update for libsoup2

This update for libsoup2 fixes the following issue - CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649...

6.5CVSS5.8AI score0.00376EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 1:11 p.m.6 views

OESA-2026-2704 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Relative Path Traversal, Improper Isolation or...

9.4CVSS5.8AI score0.00644EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/24 3:45 a.m.11 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smuggling (CVE-2026-11541)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by remote code execution and HTTP request smuggling. Vulnerability Details CVEID:CVE-2026-11541 DESCRIPTION: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by an...

9.8CVSS6.5AI score0.00418EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.18 views

IBM WebSphere Application Server 8.5.x < 8.5.5.31 / 9.x < 9.0.5.29 RCE (7277550)

The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7277550 advisory. - IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by an HTTP request smuggling vulnerabilit...

9.8CVSS6.3AI score0.00418EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 5:15 p.m.15 views

Important: Red Hat Security Advisory: Red Hat build of Cryostat security update

An update is now available for the Red Hat build of Cryostat 4 on RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

9.8CVSS7.6AI score0.01051EPSS
Exploits7References11
EUVD
EUVD
added 2026/06/22 2:44 p.m.7 views

EUVD-2026-38251

IBM WebSphere Application Server 9.0 and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to HTTP request smuggling. A remote attacker could smuggle a specially crafted request to the application server thereby allowing the attacker to bypass security...

7.4CVSS5.9AI score0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 2:44 p.m.40 views

CVE-2026-8646 IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities

IBM WebSphere Application Server 9.0 and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to HTTP request smuggling. A remote attacker could smuggle a specially crafted request to the application server thereby allowing the attacker to bypass security...

7.4CVSS0.00338EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 2:44 p.m.35 views

CVE-2026-8646

Summary: CVE-2026-8646 affects IBM WebSphere Application Server (traditional), WebSphere Application Server Liberty, and related components. The vulnerability arises from HTTP request smuggling, allowing a remote attacker to bypass security controls, spoof identity, and potentially escalate privi...

9.1CVSS5.9AI score0.00338EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/22 2:21 p.m.42 views

CVE-2026-9072 WebSphere Application Server Remote Code Execution

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backe...

8.1CVSS0.00409EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/22 2:16 p.m.4 views

CVE-2026-8858 WebSphere Application Server Remote Code Execution

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted...

7.5CVSS6.6AI score0.0026EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 2:16 p.m.14 views

CVE-2026-8858

Summary: CVE-2026-8858 affects IBM WebSphere Web Server Plug-ins used with IBM WebSphere Application Server/Liberty and IBM HTTP Server. The vulnerability allows remote code execution and denial of service when an attacker impersonates the application server and sends crafted responses to the plu...

8.8CVSS6.5AI score0.0026EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:17 p.m.3 views

Security Bulletin: Vulnerability in Netty affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

7.5CVSS6.5AI score0.0064EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/19 2:46 p.m.5 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a HTTP Request Smullging Vulnerability in Netty (CVE-2026-33870)

Summary Netty is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of the Server/Agent/Relay communication system. CVE-2026-33870. Vulnerability Details CVEID:CVE-2026-33870 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to...

7.5CVSS5.9AI score0.0064EPSS
Exploits1Affected Software1
Rows per page
Query Builder