Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2024-1415

Malicious code in bioql PyPI...

4.2CVSS4.8AI score0.00347EPSS
Exploits1References3
NVD
NVDadded 2025/04/18 3:15 p.m.7 views

CVE-2025-2950

IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by IBM Navigator for i. An authenticated user can manipulate the host header in HTTP requests to change domain/IP address which may lead to unexpected behavior...

5.4CVSS0.0011EPSS
Exploits0References1
NVD
NVDadded 2023/10/19 9:15 a.m.23 views

CVE-2023-25753

There exists an SSRF Server-Side Request Forgery vulnerability located at the /sandbox/proxyGateway endpoint. This vulnerability allows us to manipulate arbitrary requests and retrieve corresponding responses by inputting any URL into the requestUrl parameter. Of particular concern is our ability...

6.5CVSS6.5AI score0.00746EPSS
Exploits0References1
NVD
NVDadded 2022/11/10 12:15 a.m.16 views

CVE-2022-3726

Lack of sand-boxing of OpenAPI documents in GitLab CE/EE affecting all versions from 12.6 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick a user to click on the Swagger OpenAPI viewer and issue HTTP requests that affect the victim's account...

9CVSS0.00247EPSS
Exploits0References3
Cvelist
Cvelistadded 2022/05/07 3:40 a.m.15 views

CVE-2022-29180 Charm vulnerable to server-side request forgery (SSRF)

A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1. We recommend that all users running self-hosted charm instances update immediately. This...

5.9CVSS9.6AI score0.0025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2019/10/04 12:0 a.m.21 views

Debian DLA-1944-1 : libapreq2 security update

It was discovered that there was a remotely-exploitable NULL pointer dereference in libapreq2, a library for manipulating HTTP requests. For Debian 8 'Jessie', this issue has been fixed in libapreq2 version 2.13-4+deb8u1. We recommend that you upgrade your libapreq2 packages. NOTE: Tenable Networ...

7.5CVSS6.6AI score0.02448EPSS
Exploits0References3
securityvulns
securityvulnsadded 2006/08/17 12:0 a.m.36 views

Technical note by Amit Klein: "Sending arbitrary HTTP requests with Flash 7/8 (+IE 6.0)"

Sending arbitrary HTTP requests with Flash 7/8 +IE 6.0 Amit Klein, August 2006 The trick ========= In 1, I showed how to forge parts of HTTP requests containing CRs and LFs using Flash. In that write-up, the data was part of the HTTP body section. However, combining the Content-Length overriding...

0.3AI score
Exploits0
Rows per page
Query Builder