Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http request project http request 6.0 vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2019-1010206
OSS Http Request (Apache Cordova Plugin) 6 is affected by: Missing SSL certificate validation. The impact is: certificate spoofing. The component is: use this library when https communication. The attack vector is: certificate spoofing.
Http Request Project Http Request 6.0
NA
CVE-2006-3918
http_protocol.c in (1) IBM HTTP Server 6.0 prior to 6.0.2.13 and 6.1 prior to 6.1.0.1, and (2) Apache HTTP Server 1.3 prior to 1.3.35, 2.0 prior to 2.0.58, and 2.2 prior to 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error messa...
Apache Http Server
Debian Debian Linux 3.1
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
1 EDB exploit
NA
CVE-2011-2766
The FCGI (aka Fast CGI) module 0.70 up to and including 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote malicious users to bypass authentication via crafted HTTP headers.
Fast Cgi Project Fast Cgi
Debian Debian Linux 5.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
NA
CVE-2012-0876
The XML parser (xmlparse.c) in expat prior to 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via an XML file with many identifiers wit...
Libexpat Project Libexpat
Python Python
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Oracle Solaris 11.3
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Storage 2.0
Redhat Enterprise Linux Eus 6.2
9.1
CVSSv3
CVE-2022-23959
In Varnish Cache prior to 6.6.2 and 7.x prior to 7.0.2, Varnish Cache 6.0 LTS prior to 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x prior to 4.1.11r6 and 6.0.x prior to 6.0.9r4, request smuggling can occur for HTTP/1 connections.
Varnish-software Varnich Cache 4.1
Varnish-software Varnich Cache
Varnish Cache Project Varnish Cache
Varnish-software Varnish Cache
Varnish-software Varnish Cache Plus
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2022-45060
An HTTP Request Forgery issue exists in Varnish Cache 5.x and 6.x prior to 6.0.11, 7.x prior to 7.1.2, and 7.2.x prior to 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish serve...
Varnish-software Varnish Cache Plus 6.0.8
Varnish Cache Project Varnish Cache 7.2.0
Varnish Cache Project Varnish Cache
Varnish-software Varnish Cache Plus 6.0.10
Varnish-software Varnish Cache Plus 6.0.0
Varnish-software Varnish Cache Plus 6.0.1
Varnish-software Varnish Cache Plus 6.0.2
Varnish-software Varnish Cache Plus 6.0.3
Varnish-software Varnish Cache Plus 6.0.4
Varnish-software Varnish Cache Plus 6.0.5
Varnish-software Varnish Cache Plus 6.0.6
Varnish-software Varnish Cache Plus 6.0.7
Varnish-software Varnish Cache Plus 6.0.9
Varnish-software Varnish Cache
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2021-36740
Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x prior to 6.0.8r3, and Varnish Cache 5.x and 6.x prior to 6.5.2, 6.6.x prior to 6.6.1, and 6.0 LTS ...
Varnish-cache Varnish Cache
Varnish-cache Varnish Cache 6.0.8
Varnish Cache Project Varnish Cache
Varnish-software Varnish Cache
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8 Github repositories
NA
CVE-2011-1752
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion prior to 1.6.17, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild i...
Apache Subversion
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 10.04
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Fedoraproject Fedora 15
Fedoraproject Fedora 14
Apple Mac Os X
NA
CVE-2011-4566
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote malicious users to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF head...
Php Php 5.4.0
Php Php
Debian Debian Linux 5.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »