CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/14 4:8 p.m.•33 views

CVE-2025-62316 HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured

HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based security controls and could expose the application to limited security risks under specific conditions...

2.3CVSS0.00021EPSS

OSV•added 2026/04/30 12:36 a.m.•1 views

CLEANSTART-2026-GN46454 When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP Headers will not be written

Multiple security vulnerabilities affect the apache-nifi package. When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP Headers will not be written. See references for individual vulnerability details...

9.8CVSS8.4AI score0.00038EPSS

Exploits3References18

Rosalinux•added 2026/01/26 8:27 a.m.•4 views

Advisory ROSA-SA-2026-3113

software: squid 5.9 WASP: ROSA-CHROME unaffected versions = squid-5.9-3 affected versions squid-5.9-3 CVE-ID: CVE-2023-49285 BDU-ID: 2023-08581 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to an operation exceeding buffer boundaries in memory. Exploitation of the...

8.6CVSS6AI score0.09621EPSS

Exploits0

RedhatCVE•added 2026/01/09 10:17 a.m.•2 views

CVE-2019-18850

TrevorC2 v1.1/v1.2 fails to prevent fingerprinting primarily via a discrepancy between response headers when responding to different HTTP methods, also via predictible responses when accessing and interacting with the "SITEPATHQUERY"...

7.5CVSS6.8AI score0.00364EPSS

OSV•added 2025/11/20 10:15 p.m.•2 views

CVE-2025-36160

IBM Concert 1.0.0 through 2.0.0 could disclose sensitive server information from HTTP response headers that could aid in further attacks against the system...

7.5CVSS6.2AI score

5.3CVSS5.5AI score0.00134EPSS

EUVD-2020-26062

Malware in sbrugna...

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2009-0361

Malware in sbrugna...

5CVSS9.1AI score0.0108EPSS

Exploits0References32

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2013-3910

Malware in sbrugna...

5CVSS6.4AI score0.00207EPSS

5.3CVSS5.7AI score0.0014EPSS

EUVD-2021-25393

Malware in sbrugna...

4.3CVSS6.1AI score0.00276EPSS

EUVD-2009-2997

Malware in sbrugna...

Exploits1References4

7.5CVSS7.5AI score0.00891EPSS

EUVD-2020-27085

Malware in sbrugna...

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2004-1051

Malware in sbrugna...

10CVSS6.3AI score0.01224EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-37284

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00412EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-22721

Malicious code in bioql PyPI...

8.4CVSS6.6AI score0.00109EPSS

Tenable Nessus•added 2025/08/06 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2024-1551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well a...

6.1CVSS7.6AI score0.00291EPSS

Exploits1References2

RedhatCVE•added 2025/07/27 4:14 p.m.•3 views

CVE-2025-34114

A client-side security misconfiguration vulnerability exists in OpenBlow whistleblowing platform across multiple versions and default deployments, due to the absence of critical HTTP response headers including Content-Security-Policy, Referrer-Policy, Permissions-Policy,...

8.4CVSS6AI score0.00109EPSS