Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http file server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-4181
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark 3.6.0
Wireshark Wireshark
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
7.5
CVSSv3
CVE-2021-4184
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark 3.6.0
Wireshark Wireshark
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
7.5
CVSSv3
CVE-2021-4185
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Wireshark Wireshark 3.6.0
Wireshark Wireshark
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
NA
CVE-1999-0067
phf CGI program allows remote command execution through shell metacharacters.
Apache Http Server 1.0.3
Ncsa Ncsa Httpd 1.5a
2 Github repositories
9.8
CVSSv3
CVE-2022-25236
xmlparse.c in Expat (aka libexpat) prior to 2.4.5 allows malicious users to insert namespace-separator characters into namespace URIs.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
NA
CVE-2013-4407
HTTP::Body::Multipart in the HTTP-Body module for Perl (1.07 up to and including 1.22, prior to 1.23) uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote malicious users to cond...
Http-body Project Http-body 1.05
Http-body Project Http-body 1.01
Http-body Project Http-body 0.2
Http-body Project Http-body 0.9
Http-body Project Http-body
Http-body Project Http-body 0.8
Http-body Project Http-body 0.5
Http-body Project Http-body 1.12
Http-body Project Http-body 1.04
Http-body Project Http-body 1.10
Http-body Project Http-body 1.02
Http-body Project Http-body 0.4
Http-body Project Http-body 1.08
Http-body Project Http-body 0.6
Http-body Project Http-body 0.03
Http-body Project Http-body 1.14
Http-body Project Http-body 1.07
Http-body Project Http-body 1.15
Http-body Project Http-body 1.00
Http-body Project Http-body 0.7
Http-body Project Http-body 1.09
Http-body Project Http-body 1.11
4.9
CVSSv3
CVE-2018-0196
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests...
Cisco Ios Xe 16.2.0
Cisco Ios Xe 16.3\\(1\\)
Cisco Ios Xe 16.1.2
6.5
CVSSv3
CVE-2022-25313
In Expat (aka libexpat) prior to 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
1 Github repository
7.5
CVSSv3
CVE-2022-25314
In Expat (aka libexpat) prior to 2.4.5, there is an integer overflow in copyString.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
9.8
CVSSv3
CVE-2022-35508
Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxying HTTP requests between pve(pmg)proxy and pve(pmg)daemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file disclosure of any files on the...
Proxmox Proxmox Mail Gateway -
Proxmox Pve Http Server
Proxmox Virtual Environment -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »