Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-27982
The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly, enabling malicio...
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
NA
CVE-2022-22364
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP req...
NA
CVE-2023-35701
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Hive. The vulnerability affects the Hive JDBC driver component and it can potentially lead to arbitrary code execution on the machine/endpoint that the JDBC driver (client) is running. The...
NA
CVE-2023-27360
NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of NETGEAR RAX30. Authentication is not required to exploit this vulnerability. The specific...
NA
CVE-2024-30251
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In affected versions an attacker can send a specially crafted POST (multipart/form-data) request. When the aiohttp server processes it, the server will enter an infinite loop and be unable to process ...
NA
CVE-2024-32963
Navidrome is an open source web-based music collection server and streamer. In affected versions of Navidrome are subject to a parameter tampering vulnerability where an attacker has the ability to manipulate parameter values in the HTTP requests. The attacker is able to change t...
NA
CVE-2024-2377
A vulnerability exists in the too permissive HTTP response header web server settings of the SDM600. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information.
NA
CVE-2023-50739
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IPP server, which listens on TCP port 631 by d...
NA
CVE-2024-20353
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to cause the device to reload unexpectedly, resulting in a denial of ...
Cisco Adaptive Security Appliance Software 9.16.1
Cisco Adaptive Security Appliance Software 9.8.2
Cisco Adaptive Security Appliance Software 9.8.3.18
Cisco Adaptive Security Appliance Software 9.8.3.26
Cisco Adaptive Security Appliance Software 9.12.2
Cisco Adaptive Security Appliance Software 9.8.2.24
Cisco Adaptive Security Appliance Software 9.8.3.16
Cisco Adaptive Security Appliance Software 9.8.4.29
Cisco Adaptive Security Appliance Software 9.12.2.5
Cisco Adaptive Security Appliance Software 9.12.4.4
Cisco Adaptive Security Appliance Software 9.8.2.20
Cisco Adaptive Security Appliance Software 9.8.4
Cisco Adaptive Security Appliance Software 9.8.4.26
Cisco Adaptive Security Appliance Software 9.14.1.30
Cisco Adaptive Security Appliance Software 9.14.1.15
Cisco Adaptive Security Appliance Software 9.8.2.26
Cisco Adaptive Security Appliance Software 9.8.2.28
Cisco Adaptive Security Appliance Software 9.8.2.33
Cisco Adaptive Security Appliance Software 9.8.2.35
Cisco Adaptive Security Appliance Software 9.8.2.38
Cisco Adaptive Security Appliance Software 9.8.4.8
Cisco Adaptive Security Appliance Software 9.8.4.10
1 Github repository
3 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »