
243 matches found

BDU FSTEC
added 2021/08/25 12:0 a.m. | 1 views

The vulnerability of the mod_proxy httpd daemon in the Apache HTTP Server allows a hacker to send hidden HTTP requests (HTTP Request Smuggling attack).

The vulnerability of the mod_proxy module in the Apache HTTP Server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests remotely (HTTP Request Smuggling attack)...

5.8 CVSS | 0.00609 EPSS
Exploits 1 | References 23 | Affected Software 7

OSV
added 2021/08/24 9:15 p.m. | 17 views

CVE-2021-32781

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions, after Envoy sends a locally generated response it must stop further processing of request or response data. However, when a local response is generated due to the intern...

7.5 CVSS | 7 AI score
Exploits 0 | References 2

BDU FSTEC
added 2021/07/22 12:0 a.m. | 1 views

The vulnerability of the CPython programming language, related to deficiencies in HTTP request processing, allows attackers to compromise data integrity or cause service failures.

The vulnerability of the CPython programming language in Python is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to compromise data integrity or cause service failures...

5.9 CVSS | 0.003 EPSS
Exploits 1 | References 13 | Affected Software 5

BDU FSTEC
added 2021/07/20 12:0 a.m. | 1 views

The vulnerability of the Content-Length header in the Apache Traffic Server web server allows a hacker to compromise the integrity of the protected information.

The vulnerability of the Content-Length header in the Apache Traffic Server web server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

7.8 CVSS | 0.05675 EPSS
Exploits 0 | References 4 | Affected Software 2

BDU FSTEC
added 2021/07/20 12:0 a.m. | 2 views

The vulnerability of the Apache Tomcat application server, related to deficiencies in HTTP request processing, allows attackers to send hidden HTTP requests.

The vulnerability of the Apache Tomcat application server is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests remotely (HTTP Request Smuggling attack)...

5.3 CVSS | 0.01865 EPSS
Exploits 1 | References 10 | Affected Software 7

OpenVAS
added 2021/06/09 12:0 a.m. | 29 views

SUSE: Security Advisory (SUSE-SU-2016:2089-1)

The remote host is missing an update for the...

8.8 CVSS | 7.3 AI score | 0.82841 EPSS
Exploits 4 | References 22

OSV
added 2021/05/27 1:15 p.m. | 0 views

UBUNTU-CVE-2021-31806

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack against all clients using the proxy via HTTP Range request processing...

6.5 CVSS | 7.1 AI score | 0.85178 EPSS
Exploits 2 | References 4

Veracode
added 2021/03/09 9:46 p.m. | 34 views

Denial Of Service (DoS)

gsoap is vulnerable to denial of service (DoS). The vulnerability exists in the WS-Security plugin functionality when processing a SOAP request...

7.5 CVSS | 2.8 AI score | 0.00153 EPSS
Exploits 1 | References 7 | Affected Software 1

BDU FSTEC
added 2021/02/16 12:0 a.m. | 2 views

The vulnerability in the web interface for managing microprogramming software on Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W routers allows a perpetrator to execute arbitrary code.

The vulnerability of the web-based management interfaces for Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W microprogramming systems lies in HTTP request processing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS | 0.01866 EPSS
Exploits 0 | References 2 | Affected Software 5

OSV
added 2020/12/24 4:15 p.m. | 1 views

CVE-2020-27728

On BIG-IP ASM & Advanced WAF versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, under certain conditions, the Analytics, Visibility, and Reporting daemon (AVRD) may generate a core file and restart on the BIG-IP system when processing requests sent from mobile devices...

7.5 CVSS | 7.1 AI score
Exploits 0 | References 1

OSV
added 2020/12/17 5:15 a.m. | 16 views

CVE-2020-35453

HashiCorp Vault Enterprise’s Sentinel EGP policy feature incorrectly allowed requests to be processed in parent and sibling namespaces. Fixed in 1.5.6 and 1.6.1...

5.3 CVSS | 6.7 AI score
Exploits 0 | References 2

Tenable Nessus
added 2020/09/30 12:0 a.m. | 47 views

RHEL 7 : squid (RHSA-2020:4082)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4082 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: HTTP...

9.9 CVSS | 7 AI score | 0.46309 EPSS
Exploits 0 | References 16

Cvelist
added 2020/09/11 2:19 a.m. | 15 views

CVE-2020-25255

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to cause a denial of service outage of connection-request processing via a long user ID, which triggers an excepti...

7.4 AI score | 0.00563 EPSS
Exploits 0 | References 1

BDU FSTEC
added 2020/08/28 12:0 a.m. | 1 views

The vulnerability of HTTP servers for Ruby/Rack applications, Puma, relates to deficiencies in HTTP request processing, allowing attackers to influence the integrity of information.

The vulnerability of HTTP servers for Ruby/Rack applications developed with Puma is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to influence the integrity of information...

7.8 CVSS | 0.01782 EPSS
Exploits 0 | References 6 | Affected Software 3

BDU FSTEC
added 2020/08/20 12:0 a.m. | 1 views

The vulnerability of the ASP.NET Core software platform, related to errors in request processing, allows a hacker to cause a service failure.

The vulnerability of the ASP.NET Core software platform is related to errors in request processing. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by sending specially crafted requests to the ASP.NET Core application...

7.8 CVSS | 0.07555 EPSS
Exploits 0 | References 4 | Affected Software 4

Prion
added 2020/08/07 4:15 p.m. | 41 views

Design/Logic Flaw

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in an HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability f...

5 CVSS | 7.3 AI score | 0.76276 EPSS
Exploits 0 | References 29 | Affected Software 25

BDU FSTEC
added 2020/06/26 12:0 a.m. | 3 views

Microsoft Edge’s vulnerability related to request processing errors allows attackers to gain unauthorized access to protected information.

The vulnerability of Microsoft Edge is related to errors in request processing. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.4 CVSS | 0.04448 EPSS
Exploits 0 | References 2

BDU FSTEC
added 2020/05/26 12:0 a.m. | 1 views

The vulnerability of the ASP.NET Core software platform, related to errors in request processing, allows a hacker to cause a service failure.

The vulnerability of the ASP.NET Core software platform is related to errors in request processing. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by sending specially crafted requests to the ASP.NET Core application...

7.8 CVSS | 0.04127 EPSS
Exploits 0 | References 2 | Affected Software 3

Tenable Nessus
added 2020/03/13 12:0 a.m. | 44 views

SUSE SLES12 Security Update : squid (SUSE-SU-2020:0661-1)

This update for squid fixes the following issues : CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway bsc1162689. CVE-2019-12526: Fixed potential remote code execution during URN processing bsc1156326. CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI...

9.8 CVSS | 7.6 AI score | 0.46309 EPSS
Exploits 0 | References 29

BDU FSTEC
added 2020/01/20 12:0 a.m. | 0 views

The vulnerability of the ASP.NET Core software platform, related to errors in request processing, allows a hacker to cause a service failure.

The vulnerability of the ASP.NET Core software platform is related to errors in request processing. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by sending specially crafted requests to the ASP.NET Core application...

7.8 CVSS | 0.04034 EPSS
Exploits 0 | References 4 | Affected Software 2