Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-31922
An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager prior to 21.1 could allow an malicious user to smuggle an HTTP request through an HTTP/2 Header. This vulnerability is resolved in 21.1, 20.3R1, 20.2R1, 20.1R2, 19.2R4, and 18.2R3.
Pulsesecure Virtual Traffic Manager 20.2
Pulsesecure Virtual Traffic Manager 20.3
Pulsesecure Virtual Traffic Manager 19.2
Pulsesecure Virtual Traffic Manager 20.1
Pulsesecure Virtual Traffic Manager 19.3
Pulsesecure Virtual Traffic Manager
Pulsesecure Virtual Traffic Manager 18.2
NA
CVE-2000-0593
WinProxy 2.0 and 2.0.1 allows remote malicious users to cause a denial of service by sending an HTTP GET request without listing an HTTP version number.
Sapporoworks Sapporoworks Winproxy 2.0
Sapporoworks Sapporoworks Winproxy 2.0.1
9.8
CVSSv3
CVE-2023-3654
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the networ...
Cashit Cashit\\!
NA
CVE-2003-0405
Vignette StoryServer 5 and Vignette V/6 allows remote malicious users to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command.
Vignette Content Suite 6.0.3
Vignette Storyserver 5.0
Vignette Content Suite 5.0
Vignette Content Suite 6.0
Vignette Content Suite 6.0.1
Vignette Content Suite 6.0.2
Vignette Vignette 5.0
7.5
CVSSv3
CVE-2021-22166
An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method
Gitlab Gitlab
NA
CVE-2015-1382
parsers.c in Privoxy prior to 3.0.23 allows remote malicious users to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.
Debian Debian Linux 7.0
Privoxy Privoxy
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2002-1168
Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x prior to 4.0.1.26 allows remote malicious users to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" (CRLF) sequence, w...
Ibm Websphere Caching Proxy Server 4.0
Ibm Websphere Caching Proxy Server 3.6
1 EDB exploit
5.4
CVSSv3
CVE-2018-17130
PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header,
Phpmywind Phpmywind 5.5
5.9
CVSSv3
CVE-2022-27221
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially ...
Siemens Sinema Remote Connect Server
4.8
CVSSv3
CVE-2019-8435
admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header.
Phpmywind Phpmywind 5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »