11 matches found
EUVD-2020-26241
Malware in sbrugna...
EUVD-2007-0124
Malware in sbrugna...
HTTP Multiline Header Termination
Impact: Affected versions of Laminas Diactoros accepted a single line feed (LF, \n) character at the end of a header name. When serializing such a header name containing a line-feed into the on-the-wire representation of an HTTP/1.x message, the resulting message would be syntactically invalid, due ...
Varnish Cache Security Vulnerability
Varnish Cache is a set of reverse web caching servers. A security vulnerability exists in Varnish Cache version 5.x, version 6.x up to and including version 6.0.11, version 7.x up to and including version 7.1.2, and version 7.2.x up to and including version 7.2.1. An attacker exploits this...
CVE-2022-31684
CVE-2022-31684 affects Tanzu VMware Reactor Netty (HTTP Server) versions 1.0.11–1.0.23. The issue is that request headers may be logged in certain invalid HTTP requests when WARN logging is enabled, potentially exposing valid access tokens found in those logs. The connected Red Hat and IBM adviso...
CVE-2022-31684
Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled...
ROS-20221007-02
A vulnerability in the lighttpd web server is related to a memory leak in the mod_fastcgi and mod_scgi modules while processing a large number of incorrect HTTP requests. Exploiting the vulnerability could allow an attacker, acting remotely, to send multiple invalid HTTP...
Code injection
IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906...
CVE-2020-4994
IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906...
Microsoft ISA Server HTTP Request Smuggling Vulnerability
Description: Microsoft Internet Security and Acceleration (ISA) Server is reported prone to an HTTP request smuggling attack. The vendor reports that Microsoft ISA Server fails to correctly handle an invalid HTTP request that contains multiple 'Content-Length' values in an invalid HTTP header. A remo...
CVE-2004-1720
The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote attackers to gain sensitive information via an invalid HTTP request, which reveals the installation path. NOTE: it is unclear whether the calendar.html is an exposure, since the path is leaked in web log...