Lucene search
K

55 matches found

Vulnrichment
Vulnrichment
added 2026/04/21 1:59 p.m.5 views

CVE-2025-31958 HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling

HCL BigFix Service Management is susceptible to HTTP Request Smuggling. HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in request parsing between front-end and back-end...

3.7CVSS5.8AI score0.00177EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-1595

Malware in sbrugna...

6.8CVSS6.1AI score0.01315EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.6 views

The vulnerability of the GNOME graphical interface library libsoup allows a attacker to perform a “HTTP request hijacking” attack.

The vulnerability of the GNOME graphical interface’s libsoup library is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to carry out an “HTTP request hijacking” attack...

7.8CVSS7.2AI score0.00793EPSS
Exploits1References19Affected Software9
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.5 views

The vulnerability of the aiohttp HTTP client, related to deficiencies in handling HTTP request headers, allows attackers to execute the “HTTP request hijacking” attack.

The vulnerability of the aiohttp HTTP client is related to deficiencies in the handling of HTTP request headers. Exploiting this vulnerability allows a remote attacker to execute an “HTTP request hijacking” attack...

7.8CVSS7AI score0.00576EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/08/19 12:0 a.m.6 views

The vulnerability of the WSGI-server Gunicorn, related to defects in HTTP request processing, allows attackers to circumvent existing security restrictions and execute a “HTTP request hijacking” attack.

The vulnerability of the WSGI-server Gunicorn is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and carry out an “HTTP request hijacking” attack...

7.8CVSS7.1AI score0.00738EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.8 views

The vulnerability of the Apache Traffic Server web server arises from insufficient validation of input data, allowing attackers to carry out “HTTP request hijacking” attacks.

The vulnerability of the Apache Traffic Server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to carry out an “HTTP request hijacking” attack remotely...

9CVSS7.1AI score0.0097EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/29 12:0 a.m.6 views

The vulnerability of the Apache Traffic Server web server arises from insufficient validation of input data, allowing attackers to carry out “HTTP request hijacking” attacks.

The vulnerability of the Apache Traffic Server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to carry out an “HTTP request hijacking” attack remotely...

9CVSS7.1AI score0.00987EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/07 12:0 a.m.6 views

The vulnerability of the WSGI-server Gunicorn, related to defects in HTTP request processing, allows attackers to circumvent existing security restrictions and execute a “HTTP request hijacking” attack.

The vulnerability of the WSGI-server Gunicorn is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and carry out an “HTTP request hijacking” attack...

7.8CVSS7.2AI score0.02996EPSS
Exploits0References11Affected Software13
BDU FSTEC
BDU FSTEC
added 2024/04/01 12:0 a.m.8 views

The vulnerability of the server software HAProxy, related to the rerouting of empty Content-Length headers, allows a hacker to perform a “HTTP request hijacking” attack.

The vulnerability of the server software HAProxy relates to the rerouting of empty headers called Content-Length. Exploiting this vulnerability allows a malicious actor to carry out an “HTTP request hijacking” attack...

7.2CVSS7.1AI score0.01815EPSS
Exploits1References13Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/02/06 12:0 a.m.11 views

The vulnerability of the aiohttp HTTP client, related to deficiencies in HTTP request processing, allows attackers to execute the “HTTP request hijacking” attack.

The vulnerability of the aiohttp HTTP client is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to perform an “HTTP request hijacking” attack...

6.5CVSS6.5AI score0.0102EPSS
Exploits1References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/08/24 12:0 a.m.6 views

The vulnerability of the Node.js software platform, related to deficiencies in HTTP request processing, allows a perpetrator to carry out a “HTTP request hijacking” attack.

The vulnerability of the Node.js software platform is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to carry out an “HTTP request hijacking” attack...

7.8CVSS7AI score0.03906EPSS
Exploits1References7Affected Software3
Hacker One
Hacker One
added 2023/06/07 8:5 a.m.16 views

Mozilla: Internal Blind Server-Side Request Forgery (SSRF) allows scanning internal ports

Vulnerability description not provided...

7.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/04/13 12:0 a.m.9 views

The vulnerability of the mod_proxy_uwsgi component in the Apache HTTP Server is related to deficiencies in HTTP request processing, allowing attackers to carry out a “HTTP request hijacking” attack.

The vulnerability of the modproxyuwsgi component in the Apache HTTP Server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to carry out an “HTTP request hijacking” attack...

9CVSS7.2AI score0.02134EPSS
Exploits0References16Affected Software18
BDU FSTEC
BDU FSTEC
added 2023/02/17 12:0 a.m.8 views

The vulnerability of the server software HAProxy, related to deficiencies in HTTP request processing, allows attackers to carry out the “HTTP request hijacking” attack.

The vulnerability of the server-side software HAProxy is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to carry out an “HTTP request hijacking” attack...

7.8CVSS7.4AI score0.05493EPSS
Exploits0References18Affected Software12
BDU FSTEC
BDU FSTEC
added 2022/07/15 12:0 a.m.6 views

The vulnerability of the Node.js software platform, related to deficiencies in HTTP request processing, allows a perpetrator to carry out a “HTTP request hijacking” attack.

The vulnerability of the Node.js software platform is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to carry out an “HTTP request hijacking” attack...

7.5CVSS6.7AI score0.77766EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.12 views

The vulnerability of the microprogrammed network interface devices of Advanced Secure Gateway (ASG) and ProxySG, related to HTTP request processing flaws, allows attackers to execute the “HTTP request hijacking” attack.

The vulnerability of the Advanced Secure Gateway ASG and ProxySG’s microprogramming software lies in the shortcomings of their HTTP request processing. Exploiting this vulnerability allows a remote attacker to execute an “HTTP request hijacking” attack...

9.4CVSS7.9AI score0.01525EPSS
Exploits0References2Affected Software2
CNVD
CNVD
added 2018/07/10 12:0 a.m.3 views

Multiple IBM Rational Products Information Disclosure Vulnerabilities (CNVD-2018-23242)

IBM Rational Collaborative Lifecycle Management CLM is a set of collaborative lifecycle management solutions.Rational Quality Manager RQM is a set of collaborative, web-based quality management solutions. IBM Rational Collaborative Lifecycle Management CLM is a collaborative lifecycle management...

4.3CVSS6.1AI score0.00897EPSS
Exploits0References1
NVD
NVD
added 2018/03/16 5:29 p.m.18 views

CVE-2014-4613

Cross-site request forgery CSRF vulnerability in the administration panel in Piwigo before 2.6.2 allows remote attackers to hijack the authentication of administrators for requests that add users via a pwg.users.add action in a request to ws.php...

6.5CVSS6.7AI score0.03225EPSS
Exploits1References8
Cvelist
Cvelist
added 2017/10/23 6:0 p.m.37 views

CVE-2015-2878

Multiple cross-site request forgery CSRF vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that 1 add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the 2 Url matching, 3 DNS Inject...

9.2AI score0.04175EPSS
Exploits4References3
Hacker One
Hacker One
added 2017/10/04 4:6 a.m.47 views

RubyGems: Request Hijacking Vulnerability in RubyGems 2.6.13 and earlier

We received this report via security@ from [email protected], I'm filing here for tracking and visibility purposes... "I was looking at commit 8d91516fb7037ecfb27622f605dc40245e0f8d32, which was the fix for the DNS hijacking issue CVE-2017-0902. The function still handles the DNS response in ...

6.8CVSS0.4AI score0.0475EPSS
Exploits1
Rows per page
Query Builder