request tracker vulnerabilities and exploits
NA
CVE-2023-34966
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elem...
Samba Samba
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
605
VMScore
CVE-2013-3370
Request Tracker (RT) 3.8.x prior to 3.8.17 and 4.0.x prior to 4.0.13 does not properly restrict access to private callback components, which allows remote malicious users to have an unspecified impact via a direct request.
Bestpractical Rt 4.0.12
Bestpractical Rt 4.0.0
Bestpractical Rt 4.0.9
Bestpractical Rt 4.0.11
Bestpractical Rt 4.0.3
Bestpractical Rt 4.0.8
Bestpractical Rt 4.0.1
Bestpractical Rt 4.0.6
Bestpractical Rt 4.0.2
Bestpractical Rt 4.0.4
Bestpractical Rt 4.0.7
Bestpractical Rt 4.0.10
Bestpractical Rt 4.0.5
Bestpractical Rt 3.8.7
Bestpractical Rt 3.8.9
Bestpractical Rt 3.8.11
Bestpractical Rt 3.8.8
Bestpractical Rt 3.8.13
Bestpractical Rt 3.8.10
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.2
Bestpractical Rt 3.8.0
446
VMScore
CVE-2021-25122
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another, meaning user A and user B could both see the results...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.6
Oracle Database 12.2.0.1
Oracle Database 19c
Oracle Managed File Transfer 12.2.1.4.0
Oracle Siebel Ui Framework
Oracle Mysql Enterprise Monitor
Oracle Graph Server And Client
Oracle Graph Server And Client 21.3.0
Oracle Database 21c
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Instant Messaging Server 10.0.1.5.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.6.0
NA
CVE-2022-32213
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).
Llhttp Llhttp
Nodejs Node.js
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Siemens Sinec Ins 1.0
Debian Debian Linux 11.0
Stormshield Stormshield Management Center
570
VMScore
CVE-2022-23959
In Varnish Cache prior to 6.6.2 and 7.x prior to 7.0.2, Varnish Cache 6.0 LTS prior to 6.0.10, and Varnish Enterprise (Cache Plus) 4.1.x prior to 4.1.11r6 and 6.0.x prior to 6.0.9r4, request smuggling can occur for HTTP/1 connections.
Varnish-software Varnich Cache 4.1
Varnish-software Varnich Cache
Varnish Cache Project Varnish Cache
Varnish-software Varnish Cache
Varnish-software Varnish Cache Plus
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
312
VMScore
CVE-2020-15810
An issue exists in Squid prior to 4.13 and 5.x prior to 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security a...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
356
VMScore
CVE-2020-15811
An issue exists in Squid prior to 4.13 and 5.x prior to 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security a...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2
356
VMScore
CVE-2012-4731
FAQ manager for Request Tracker (RTFM) prior to 2.4.5 does not properly check user rights, which allows remote authenticated users to create arbitrary articles in arbitrary classes via unknown vectors.
Bestpractical Rtfm 2.2.0
Bestpractical Rtfm 2.2.1
Bestpractical Rtfm
Bestpractical Rtfm 2.4.2
Bestpractical Rtfm 2.4.1
Bestpractical Rtfm 2.2.2
Bestpractical Rtfm 2.4.0
NA
CVE-2022-25763
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows a malicious user to create smuggling or cache poisoning attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Apache Traffic Server
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2023-4012
ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).
Ntpsec Ntpsec 1.2.2