Lucene search
K

117 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-12751

Malware in sbrugna...

9.8CVSS9.1AI score0.02667EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2023-2224

Malicious code in bioql PyPI...

9.8CVSS6.2AI score0.00738EPSS
Exploits0References9
GithubExploit
GithubExploit
added 2025/08/21 9:20 p.m.268 views

Exploit for CVE-2025-8671

PoC-CVE-2025-8671-MadeYouReset-HTTP-2 PoC para validar vulnera...

7.5CVSS7.2AI score0.04604EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.39 views

RHEL 7 : haproxy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - haproxy: data leak via fcgi requests CVE-2023-0836 - An uncontrolled resource consumption vulnerability w...

7.8AI score0.02942EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/04/17 12:0 a.m.25 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.4 (RHSA-2023:7473)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7473 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

8CVSS7.1AI score0.01815EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/03/05 8:20 a.m.38 views

Moderate: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.2CVSS6.7AI score0.01815EPSS
Exploits1References3
OSV
OSV
added 2024/03/05 12:0 a.m.36 views

ALSA-2024:1142 Moderate: haproxy security update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: Proxy forwards malformed empty Content-Length headers CVE-2023-40225 haproxy: untrimmed URI fragments may lead to exposure of confidential data on static...

8.2CVSS7.1AI score0.01815EPSS
Exploits1References6
AlmaLinux
AlmaLinux
added 2024/03/05 12:0 a.m.87 views

Moderate: haproxy security update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: Proxy forwards malformed empty Content-Length headers CVE-2023-40225 haproxy: untrimmed URI fragments may lead to exposure of confidential data on static...

8.2CVSS7.3AI score0.01815EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/02/13 2:45 p.m.3 views

rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers

An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests...

9.8CVSS7.1AI score0.00738EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.18 views

EulerOS 2.0 SP9 : haproxy (EulerOS-SA-2023-2897)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and...

7.2CVSS7.1AI score0.01815EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.25 views

EulerOS 2.0 SP11 : haproxy (EulerOS-SA-2023-3008)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and...

7.2CVSS7.1AI score0.01815EPSS
Exploits1References2
OSV
OSV
added 2023/10/04 7:10 a.m.4 views

SUSE-SU-2023:3957-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: - CVE-2023-40175: Fixed HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers bsc1214425...

9.8CVSS9.5AI score0.00738EPSS
Exploits0References3
Amazon
Amazon
added 2023/08/25 12:0 a.m.11 views

Medium: haproxy

Issue Overview: HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind...

7.2CVSS7.2AI score0.01815EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/08/17 12:0 a.m.17 views

Ubuntu 20.04 LTS : HAProxy vulnerability (USN-6294-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6294-2 advisory. USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Ubuntu 20.04 LTS. Tenable has extracted the preceding description...

7.2CVSS7.1AI score0.01815EPSS
Exploits1References2
OSV
OSV
added 2023/08/16 2:11 p.m.12 views

USN-6294-1 haproxy vulnerability

Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions...

7.2CVSS7.1AI score0.01815EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2023/08/16 2:11 p.m.52 views

USN-6294-1: HAProxy vulnerability

Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions...

7.2CVSS7.1AI score0.01815EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2023/08/10 9:15 p.m.35 views

CVE-2023-40225

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpre...

7.2CVSS7AI score0.01815EPSS
Exploits1
NVD
NVD
added 2023/08/10 9:15 p.m.18 views

CVE-2023-40225

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpre...

7.2CVSS7.2AI score0.01815EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2023/06/23 12:0 a.m.11 views

CVE-2023-34188

The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which the server continuously reparses that payload, and does not respond to any other requests...

7.5AI score0.01013EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.68 views

K10002140: Eclipse Jetty vulnerabilities CVE-2017-7657 and CVE-2017-7658

Security Advisory Description In Eclipse Jetty, versions 9.2.x and older, 9.3.x all configurations, and 9.4.x non-default configuration with RFC2616 compliance enabled, transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk...

9.8CVSS6.9AI score0.20985EPSS
Exploits0Affected Software1
Rows per page
Query Builder