Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-31922
An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager prior to 21.1 could allow an malicious user to smuggle an HTTP request through an HTTP/2 Header. This vulnerability is resolved in 21.1, 20.3R1, 20.2R1, 20.1R2, 19.2R4, and 18.2R3.
Pulsesecure Virtual Traffic Manager 20.2
Pulsesecure Virtual Traffic Manager 20.3
Pulsesecure Virtual Traffic Manager 19.2
Pulsesecure Virtual Traffic Manager 20.1
Pulsesecure Virtual Traffic Manager 19.3
Pulsesecure Virtual Traffic Manager
Pulsesecure Virtual Traffic Manager 18.2
445
VMScore
CVE-2000-0593
WinProxy 2.0 and 2.0.1 allows remote malicious users to cause a denial of service by sending an HTTP GET request without listing an HTTP version number.
Sapporoworks Sapporoworks Winproxy 2.0
Sapporoworks Sapporoworks Winproxy 2.0.1
NA
CVE-2023-3654
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the networ...
Cashit Cashit\\!
445
VMScore
CVE-2003-0405
Vignette StoryServer 5 and Vignette V/6 allows remote malicious users to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command.
Vignette Content Suite 6.0.3
Vignette Storyserver 5.0
Vignette Content Suite 5.0
Vignette Content Suite 6.0
Vignette Content Suite 6.0.1
Vignette Content Suite 6.0.2
Vignette Vignette 5.0
445
VMScore
CVE-2021-22166
An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method
Gitlab Gitlab
445
VMScore
CVE-2015-1382
parsers.c in Privoxy prior to 3.0.23 allows remote malicious users to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.
Debian Debian Linux 7.0
Privoxy Privoxy
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
685
VMScore
CVE-2002-1168
Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x prior to 4.0.1.26 allows remote malicious users to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" (CRLF) sequence, w...
Ibm Websphere Caching Proxy Server 4.0
Ibm Websphere Caching Proxy Server 3.6
1 EDB exploit
312
VMScore
CVE-2018-17130
PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header,
Phpmywind Phpmywind 5.5
383
VMScore
CVE-2022-27221
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially ...
Siemens Sinema Remote Connect Server
312
VMScore
CVE-2019-8435
admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header.
Phpmywind Phpmywind 5.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »