Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1415
NetCharts XBRL Server 4.0.0 allows remote malicious users to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification.
Visual Mining Netcharts Xbrl Server 4.0.0
5.3
CVSSv3
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications prior to 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.
Kde Kde Applications
9.8
CVSSv3
CVE-2020-14932
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.
Squirrelmail Squirrelmail 1.4.22
6.5
CVSSv3
CVE-2020-8492
Python 2.7 up to and including 2.7.17, 3.5 up to and including 3.5.9, 3.6 up to and including 3.6.10, 3.7 up to and including 3.7.6, and 3.8 up to and including 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of...
Python Python
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
NA
CVE-2002-0946
Directory traversal vulnerability in SeaNox Devwex prior to 1.2002.0601 allows remote malicious users to read arbitrary files via ..\ (dot dot) sequences in an HTTP request.
Seanox Devwex 2002-05-20
1 EDB exploit
6.5
CVSSv3
CVE-2019-3996
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
NA
CVE-2002-1021
BadBlue server allows remote malicious users to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.
Working Resources Inc. Badblue 1.7.3 Personal
Working Resources Inc. Badblue 1.7.3 Enterprise
1 EDB exploit
NA
CVE-2001-1296
More.groupware PHP script allows remote malicious users to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
Marc Logemann More.groupware 0.5.1
NA
CVE-2005-1708
templates.admin.users.user_form_processing in Blue Coat Reporter prior to 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.
Bluecoat Reporter
1 EDB exploit
NA
CVE-2004-1887
Ada Image Server (ImgSvr) 0.4 allows remote malicious users to view directories or download files via an HTTP request with a trailing %00 (null).
Ada Imgsvr 0.4
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »