Lucene search
K

76 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-28368

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by...

9.1CVSS5.5AI score0.00704EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-28367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. This can be used for request...

9.1CVSS5.5AI score0.00706EPSS
Exploits0References3
NVD
NVD
added 2026/03/27 5:16 p.m.6 views

CVE-2026-28367

A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer,...

9.1CVSS0.00706EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/27 5:16 p.m.7 views

CVE-2026-28367

A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer,...

9.1CVSS5.8AI score0.00706EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/03/27 5:16 p.m.3 views

CVE-2026-28369

A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform...

9.1CVSS5.9AI score0.00677EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/27 4:13 p.m.4 views

CVE-2026-28367

A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer,...

8.7CVSS5.8AI score0.00706EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/27 4:13 p.m.1 views

CVE-2026-28369

A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform...

8.7CVSS5.9AI score0.00677EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/24 6:31 a.m.5 views

EUVD-2026-14732

A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like getParameterMap, the server prematurely parses and stores this content to...

5.9CVSS5.8AI score0.00441EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/03/05 1:38 p.m.3 views

undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...

7.5CVSS5.8AI score0.01256EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/30 3:16 p.m.6 views

CVE-2024-4027

A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames can cause an OutOfMemoryError when the client sends a request with large parameter names. This issue can be exploited by an unauthorized user to cause a remote denial-of-service DoS attack...

7.5CVSS5.9AI score0.00575EPSS
Exploits0References3
OSV
OSV
added 2026/01/30 3:16 p.m.3 views

UBUNTU-CVE-2024-4027

A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames can cause an OutOfMemoryError when the client sends a request with large parameter names. This issue can be exploited by an unauthorized user to cause a remote denial-of-service DoS attack...

7.5CVSS5.8AI score0.00575EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-3884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel meth...

7.5CVSS7.4AI score0.01256EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/12/03 6:40 p.m.5 views

CVE-2024-3884

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...

7.5CVSS7.6AI score0.01256EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2021-0812

Malware in sbrugna...

6.5CVSS6.6AI score0.01005EPSS
Exploits0References18
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-0851

Malware in sbrugna...

5.8CVSS6AI score0.01147EPSS
Exploits0References21
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-1382

Malware in sbrugna...

5.8CVSS5.7AI score0.01119EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-8964

Malware in sbrugna...

7.5CVSS6.7AI score0.0163EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2019-0739

Malware in sbrugna...

9.8CVSS6AI score0.019EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2542

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.01771EPSS
Exploits0References25
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-6331

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.01375EPSS
Exploits1References25
Rows per page
Query Builder