Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2002-0433
Pi3Web 2.0.0 allows remote malicious users to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character.
Pi3 Pi3web 2.0.0
5
CVSSv2
CVE-2001-0385
GoAhead webserver 2.1 allows remote malicious users to cause a denial of service via an HTTP request to the /aux directory.
Goahead Software Goahead Webserver 2.1
1 EDB exploit
5
CVSSv2
CVE-2001-0386
AnalogX SimpleServer:WWW 1.08 allows remote malicious users to cause a denial of service via an HTTP request to the /aux directory.
Analogx Simpleserver Www
1 EDB exploit
5
CVSSv2
CVE-2002-1023
BadBlue server allows remote malicious users to cause a denial of service (crash) via an HTTP GET request without a URI.
Working Resources Inc. Badblue 1.7.3 Personal
Working Resources Inc. Badblue 1.7.3 Enterprise
1 EDB exploit
5
CVSSv2
CVE-2001-0202
Picserver web server allows remote malicious users to read arbitrary files via a .. (dot dot) attack in an HTTP GET request.
Informs Picserver 1.0
1 EDB exploit
4
CVSSv2
CVE-2020-36200
TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated malicious user to send an HTTP GET request to the crafted URLs.
Kaspersky Tinycheck
4.3
CVSSv2
CVE-2021-35503
Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs.
Afian Filerun 2021.03.26
5
CVSSv2
CVE-2020-28852
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
Golang Text
2.6
CVSSv2
CVE-2012-4930
The SPDY protocol 3 and previous versions, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle malicious users to obtain plaint...
Google Chrome
Mozilla Firefox
7.5
CVSSv2
CVE-2002-2295
Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via (1) a 1024-byte TCP stream message, which triggers an off-by-one buffer overflow, or (2) a long method name ...
Pico Server Pico Server 2.0 Beta 1
Pico Server Pico Server 2.0 Beta 2
Pico Server Pico Server 2.0 Beta 3
Pico Server Pico Server 2.0 Beta 5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »