Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-14037
CrushFTP prior to 7.8.0 and 8.x prior to 8.2.0 has an HTTP header vulnerability.
Crushftp Crushftp
Crushftp Crushftp 8.0.3
Crushftp Crushftp 8.0.4
Crushftp Crushftp 8.1.0
Crushftp Crushftp 8.0.2
NA
CVE-2009-2066
Apple Safari detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a s...
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 1.1.0
Apple Safari 1.1
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 2.0
Apple Safari 2.0.0
Apple Safari 2.0.3
Apple Safari 1.0.0
Apple Safari 1.0.0b1
Apple Safari 1.0
Apple Safari 1.2.3
Apple Safari 1.2.4
Apple Safari 0.9
Apple Safari 1.0.3
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.3.2
Apple Safari 3
Apple Safari 3.0
NA
CVE-2009-2067
Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script f...
Opera Opera Browser 9.10
Opera Opera Browser 7.23
Opera Opera Browser 8.0
Opera Opera Browser 9.01
Opera Opera Browser 9.0
Opera Opera Browser 7.53
Opera Opera Browser 8.51
Opera Opera Browser 8.53
Opera Opera Browser 9.20
Opera Opera Browser 9.12
Opera Opera Browser 9.02
Opera Opera Browser 9.21
Opera Opera Browser 8.54
Opera Opera Browser 8.01
Opera Opera Browser 7.60
Opera Opera Browser 8.52
Opera Opera Browser 7.54
Opera Opera Browser 7.0
Opera Opera Browser 8.02
Opera Opera Browser 8.50
Opera Opera Browser
NA
CVE-2009-2068
Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a ...
Opera Opera 5.0
Opera Opera 5.02
Opera Opera 5.1
Opera Opera 5.5
Opera Opera 5.6
Opera Opera 6.01
Opera Opera 6.02
Opera Opera 6.12
Opera Opera 6
Opera Opera 7.03
Opera Opera 7.10
Opera Opera 7.50
Opera Opera 8.0
Opera Opera 8.54
Opera Opera 9.0
Opera Opera 5.12
Opera Opera 5.2
Opera Opera 5.9
Opera Opera 6.0
Opera Opera 6.05
Opera Opera 6.06
Opera Opera 7.0
NA
CVE-2015-4640
The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net server, which allows man-in-the-middle malicious users to write to language-pack files by modifying an HTTP response. NOTE: CV...
Swiftkey Swiftkey Sdk
7.5
CVSSv3
CVE-2020-15576
SolarWinds Serv-U File Server prior to 15.2.1 allows information disclosure via an HTTP response.
Solarwinds Serv-u
NA
CVE-2009-2065
Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page to inc...
Mozilla Firefox 0.1
Mozilla Firefox 0.6
Mozilla Firefox 0.6.1
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.7
Mozilla Firefox 1.5.0.11
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.1
Mozilla Firefox 1.5
Mozilla Firefox 2.0.0.16
Mozilla Firefox 2.0.0.17
Mozilla Firefox 2.0.0.7
Mozilla Firefox 2.0.0.9
Mozilla Firefox 2.0.0.8
Mozilla Firefox 2.0 .6
Mozilla Firefox 2.0 .9
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.6
NA
CVE-2003-1152
WebTide 7.04 allows remote malicious users to list arbitrary directories via an HTTP request for %3f.jsp (encoded "?").
Infrontech Webtide 7.0.4
8.8
CVSSv3
CVE-2021-33621
The cgi gem prior to 0.1.0.2, 0.2.x prior to 0.2.2, and 0.3.x prior to 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.
Ruby-lang Cgi
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Ruby-lang Ruby
NA
CVE-2009-2064
Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle malicious users to execute arbitrary web script, in an https site's context, by modifying an http page...
Microsoft Internet Explorer 6
Microsoft Pocket Ie 1.1
Microsoft Pocket Ie 2.0
Microsoft Internet Explorer 8
Microsoft Internet Explorer 8.0b
Microsoft Pocket Ie 3.0
Microsoft Pocket Ie 4.0
Microsoft Internet Explorer 5
Microsoft Internet Explorer 5.01
Microsoft Pocket Ie 1.0
Microsoft Internet Explorer
Microsoft Internet Explorer 7
Microsoft Internet Explorer 7.0.5730
Microsoft Pocket Ie 2002
Microsoft Pocket Ie 2003
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »