Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.2 views

Astra Linux - уязвимость в golang-golang-x-net

In Go, net/http versions before 1.16.12 and 1.17.x, as well as before 1.17.5, allowed uncontrolled memory consumption in the header canonicalization cache through HTTP/2 requests...

7.5CVSS6.8AI score0.00088EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-18095

Malware in sbrugna...

7.5CVSS7.5AI score0.00695EPSS
Exploits0References3
Rosalinux
Rosalinuxadded 2025/03/01 9:32 p.m.40 views

Advisory ROSA-SA-2025-2740

Software: modhttp2 1.15.7 OS: ROSA Virtualization 3.0 packageevrstring: modhttp2-1.15.7-10.rv30.1 CVE-ID: CVE-2023-44487 BDU-ID: 2023-06559 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HTTP/2 protocol implementation is related to the ability to generate a stream of requests within an already...

7.5CVSS7.5AI score0.944EPSS
Exploits22
Positive Technologies
Positive Technologiesadded 2023/10/06 12:0 a.m.4 views

PT-2023-6302 · Unknown +10 · Go Http2 Package +10

Name of the Vulnerable Software and Affected Versions: Go http2 package affected versions not specified Description: A malicious HTTP/2 client can cause excessive server resource consumption by rapidly creating requests and immediately resetting them. This allows the attacker to create a new...

9.8CVSS7.5AI score0.944EPSS
Exploits26References453
Github Security Blog
Github Security Blogadded 2023/01/14 12:30 a.m.66 views

golang.org/x/net/http2/h2c vulnerable to request smuggling attack

A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be...

7.5CVSS7.5AI score0.00074EPSS
Exploits1References7Affected Software1
OSV
OSVadded 2020/09/21 3:15 p.m.2 views

CVE-2020-4581

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request. IBM X-Force ID: 184441...

7.5CVSS5.8AI score
Exploits0References2
Vulnrichment
Vulnrichmentadded 2018/12/31 8:0 p.m.6 views

CVE-2018-6335

A Malformed h2 frame can cause 'std::outofrange' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...

7.5AI score0.00695EPSS
Exploits0References2
Prion
Prionadded 2018/12/31 7:29 p.m.14 views

Design/Logic Flaw

A Malformed h2 frame can cause 'std::outofrange' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...

5CVSS7.5AI score0.00695EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCveadded 2018/12/31 7:29 p.m.26 views

CVE-2018-6335

A Malformed h2 frame can cause 'std::outofrange' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM 3.25.2, 3.24.6, and 3.21.10 and below when using the proxygen server to handle HTTP2 requests...

7.5CVSS7.1AI score0.00695EPSS
Exploits0References2
Rows per page
Query Builder