Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-27927
RSSHub is an open source RSS feed generator. Prior to version 1.0.0-master.a429472, RSSHub allows remote malicious users to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network or conduct Denial-of-Service (DoS)...
NA
CVE_2023_46805
Penetration testing of https://ris.ucll.be/ Tools used Nmap It looks like the host is running on Azure since the ports are open by default 1221 and 8172. This is also indicated by the fingerprint Microsoft Azure Web App. The Python webserver being used is Gunicorn, it is a Unix b...
1 Github repository
NA
CVE-2024-1884
This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side module that allows an malicious user to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing.
NA
CVE_2021_38647
CVE-2021-38647 AKA "OMIGOD" A Zeek package which detects CVE-2021-38647 AKA OMIGOD exploit attempts. https://corelight.com/blog/detecting-cve-2021-38647-omigod https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure https://msrc.microsoft.com/update-guide/v...
1 Github repository
NA
CVE-2023-49785
NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are vulnerable to server-side request forgery and cross-site scripting. This vulnerability enables read access to internal HTTP endpoints but also wri...
NA
CVE-2024-26566
An issue in Cute Http File Server v.3.1 allows a remote malicious user to escalate privileges via the password verification component.
NA
CVE-2024-1624
An OS Command Injection vulnerability affecting documentation server on 3DEXPERIENCE from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x, SIMULIA Abaqus from Release 2022 through Release 2024, SIMULIA Isight from Release 2022 through Release 2024 and CATIA Compos...
1 Github repository
NA
CVE-2024-0403
Recipes version 1.5.10 allows arbitrary HTTP requests to be made through the server. This is possible because the application is vulnerable to SSRF.
NA
CVE-2024-1953
Mattermost versions 8.1.x prior to 8.1.9, 9.2.x prior to 9.2.5, 9.3.0, and 9.4.x prior to 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated malicious user to cause the server to run out of memory and crash by issuing an unusually large...
NA
CVE-2022-34357
IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. By making unlimited http requests, it is possible for a single user to exhaust server resources over a period of time making service un...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »