an-http vulnerabilities and exploits
NA
CVE-2001-0391
Xitami 2.5d4 and previous versions allows remote malicious users to crash the server via an HTTP request to the /aux directory.
Imatix Xitami 2.4d7
Imatix Xitami 2.5d4
NA
CVE-2002-2295
Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via (1) a 1024-byte TCP stream message, which triggers an off-by-one buffer overflow, or (2) a long method name ...
Pico Server Pico Server 2.0 Beta 1
Pico Server Pico Server 2.0 Beta 2
Pico Server Pico Server 2.0 Beta 3
Pico Server Pico Server 2.0 Beta 5
1 EDB exploit
5.3
CVSSv3
CVE-2014-9634
Jenkins prior to 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote malicious users to capture cookies by intercepting their transmission within an HTTP session.
Jenkins Jenkins
7.5
CVSSv3
CVE-2020-28852
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
Golang Text
NA
CVE-2012-4930
The SPDY protocol 3 and previous versions, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle malicious users to obtain plaint...
Google Chrome
Mozilla Firefox
NA
CVE-2002-1023
BadBlue server allows remote malicious users to cause a denial of service (crash) via an HTTP GET request without a URI.
Working Resources Inc. Badblue 1.7.3 Personal
Working Resources Inc. Badblue 1.7.3 Enterprise
1 EDB exploit
6.5
CVSSv3
CVE-2020-36200
TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated malicious user to send an HTTP GET request to the crafted URLs.
Kaspersky Tinycheck
NA
CVE-2001-0202
Picserver web server allows remote malicious users to read arbitrary files via a .. (dot dot) attack in an HTTP GET request.
Informs Picserver 1.0
1 EDB exploit
NA
CVE-2001-0386
AnalogX SimpleServer:WWW 1.08 allows remote malicious users to cause a denial of service via an HTTP request to the /aux directory.
Analogx Simpleserver Www
1 EDB exploit
6.1
CVSSv3
CVE-2021-35503
Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs.
Afian Filerun 2021.03.26