Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http file server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-4181
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark 3.6.0
Wireshark Wireshark
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
5
CVSSv2
CVE-2021-4184
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark 3.6.0
Wireshark Wireshark
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
5
CVSSv2
CVE-2021-4185
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark 3.6.0
Wireshark Wireshark
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
10
CVSSv2
CVE-1999-0067
phf CGI program allows remote command execution through shell metacharacters.
Apache Http Server 1.0.3
Ncsa Ncsa Httpd 1.5a
2 Github repositories
7.5
CVSSv2
CVE-2022-25236
xmlparse.c in Expat (aka libexpat) prior to 2.4.5 allows malicious users to insert namespace-separator characters into namespace URIs.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
6.8
CVSSv2
CVE-2013-4407
HTTP::Body::Multipart in the HTTP-Body module for Perl (1.07 up to and including 1.22, prior to 1.23) uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote malicious users to cond...
Http-body Project Http-body 1.05
Http-body Project Http-body 1.01
Http-body Project Http-body 0.2
Http-body Project Http-body 0.9
Http-body Project Http-body
Http-body Project Http-body 0.8
Http-body Project Http-body 0.5
Http-body Project Http-body 1.12
Http-body Project Http-body 1.04
Http-body Project Http-body 1.10
Http-body Project Http-body 1.02
Http-body Project Http-body 0.4
Http-body Project Http-body 1.08
Http-body Project Http-body 0.6
Http-body Project Http-body 0.03
Http-body Project Http-body 1.14
Http-body Project Http-body 1.07
Http-body Project Http-body 1.15
Http-body Project Http-body 1.00
Http-body Project Http-body 0.7
Http-body Project Http-body 1.09
Http-body Project Http-body 1.11
4
CVSSv2
CVE-2018-0196
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests...
Cisco Ios Xe 16.2.0
Cisco Ios Xe 16.3\\(1\\)
Cisco Ios Xe 16.1.2
4.3
CVSSv2
CVE-2022-25313
In Expat (aka libexpat) prior to 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
1 Github repository
5
CVSSv2
CVE-2022-25314
In Expat (aka libexpat) prior to 2.4.5, there is an integer overflow in copyString.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
NA
CVE-2022-35508
Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxying HTTP requests between pve(pmg)proxy and pve(pmg)daemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file disclosure of any files on the...
Proxmox Proxmox Mail Gateway -
Proxmox Pve Http Server
Proxmox Virtual Environment -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »