Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2295
Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via (1) a 1024-byte TCP stream message, which triggers an off-by-one buffer overflow, or (2) a long method name ...
Pico Server Pico Server 2.0 Beta 1
Pico Server Pico Server 2.0 Beta 2
Pico Server Pico Server 2.0 Beta 3
Pico Server Pico Server 2.0 Beta 5
1 EDB exploit
NA
CVE-2024-4772
An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126.
6.1
CVSSv3
CVE-2010-5336
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.
Icewarp Webclient
NA
CVE-2003-1181
Advanced Poll 2.0.2 allows remote malicious users to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function.
Advanced Poll Advanced Poll 2.0.2
1 EDB exploit
NA
CVE-2013-6731
IBM Netezza Performance Portal 2.x prior to 2.0.0.3 allows remote authenticated users to change arbitrary passwords via an HTTP POST request.
Ibm Netezza Performance Portal 2.0.0.1
Ibm Netezza Performance Portal 2.0.0.2
Ibm Netezza Performance Portal 2.0
6.1
CVSSv3
CVE-2010-5340
IceWarp Webclient prior to 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0.
Icewarp Webclient
NA
CVE-2004-1813
VocalTec VGW4/8 Gateway 8.0 allows remote malicious users to bypass authentication via an HTTP request to home.asp with a trailing slash (/).
Vocaltec Vgw4 8 Telephony Gateway 8.0
1 EDB exploit
NA
CVE-2002-0753
Buffer overflow in Talentsoft Web+ 5.0 allows remote malicious users to execute arbitrary code via an HTTP request with a long cookie.
Talentsoft Web\\+ Server 5.0
Talentsoft Web\\+ Server 4.6
8.1
CVSSv3
CVE-2019-10101
JetBrains Kotlin versions prior to 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.
Jetbrains Kotlin
NA
CVE-2002-1541
BadBlue 1.7 allows remote malicious users to bypass password protections for directories and files via an HTTP request containing an extra / (slash).
Working Resources Inc. Badblue 1.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »