GHSA-MP2G-9VG9-F4CG h3 v1 has Request Smuggling (TE.TE) issue

I was digging into h3 v1 specifically v1.15.4 and found a critical HTTP Request Smuggling vulnerability. Basically, readRawBody is doing a strict case-sensitive check for the Transfer-Encoding header. It explicitly looks for "chunked", but per the RFC, this header should be case-insensitive. The...

h3 v1 has Request Smuggling (TE.TE) issue

I was digging into h3 v1 specifically v1.15.4 and found a critical HTTP Request Smuggling vulnerability. Basically, readRawBody is doing a strict case-sensitive check for the Transfer-Encoding header. It explicitly looks for "chunked", but per the RFC, this header should be case-insensitive. The...

MiracleLinux 9 : podman-5.4.0-10.el9_6 (AXSA:2025-10671:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10671:08 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...

MiracleLinux 9 : golang-1.23.9-1.el9_6 (AXSA:2025-10534:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10534:02 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...

MiracleLinux 8 : weldr-client-35.12-3.el8_10 (AXSA:2025-10404:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10404:01 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...

MiracleLinux 8 : grafana-pcp-5.1.1-10.el8_10 (AXSA:2025-10022:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10022:01 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...

MiracleLinux 9 : buildah-1.39.4-2.el9_6 (AXSA:2025-10547:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10547:03 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...

curl: CRLF Injection in HTTP header values allows arbitrary header injection

curl allows carriage return \r and line feed \n characters inside HTTP header values. When attacker-controlled data is used in a header value e.g., Authorization: Bearer , curl construct and sends a malformed HTTP request containing injected headers. This violates HTTP specification RFC 7320 /RFC...

CVE-2026-0731

A vulnerability has been found in TOTOLINK WA1200 5.9c.2914. The impacted element is an unknown function of the file cstecgi.cgi of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack is possible to be carried out remotely. The exploit has been...

CVE-2023-43323

mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, datawallphoto, datauserShareVideo and datauserShareLink...

CVE-2023-50811

An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the “computer” POST parameter related to the ID of a specific reception by POST HTTP request interception. Iterating that parameter, it has been possible to access to the application and take control of many...

CVE-2023-45278

Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request...

CVE-2023-40518

LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers...

CVE-2018-10024

ubiQuoss Switch VP5208A creates a bcmpassword file at /cgi-bin/ with the user credentials in cleartext when a failed login attempt occurs. The file can be reached via an HTTP request. The credentials can be used to access the system via SSH or TELNET if it is enabled...

CVE-2018-1000867

WeBid version up to current version 1.2.2 contains a SQL Injection vulnerability in All five yourauctions.php scripts that can result in Database Read via Blind SQL Injection. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit...

CVE-2018-19510

subscriber.php in Webgalamb through 7.0 is vulnerable to SQL injection via the Client-IP HTTP request header...

CVE-2018-4068

An exploitable information disclosure vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A HTTP request can result in disclosure of the default configuration for the device. An attacker can send an unauthenticated HTTP request to trigger this...

CVE-2018-4073

An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSetTask.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The the binary the endpoint /cgi-bin/EmbededAceTLSetTask.cgi is a very similar endpoint that is designed for use with setting table values th...

CVE-2018-4064

An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a unverified device configuration change, resulting in an unverified change of the user password on the...

CVE-2018-4061

An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP reque...