Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an-http vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2005-2420
flsearch.pl in FtpLocate 2.02 allows remote malicious users to execute arbitrary commands via shell metacharacters in an HTTP GET request.
1 EDB exploit
505
VMScore
CVE-2001-0202
Picserver web server allows remote malicious users to read arbitrary files via a .. (dot dot) attack in an HTTP GET request.
Informs Picserver 1.0
1 EDB exploit
505
VMScore
CVE-2001-0385
GoAhead webserver 2.1 allows remote malicious users to cause a denial of service via an HTTP request to the /aux directory.
Goahead Software Goahead Webserver 2.1
1 EDB exploit
505
VMScore
CVE-2002-1023
BadBlue server allows remote malicious users to cause a denial of service (crash) via an HTTP GET request without a URI.
Working Resources Inc. Badblue 1.7.3 Personal
Working Resources Inc. Badblue 1.7.3 Enterprise
1 EDB exploit
356
VMScore
CVE-2020-36200
TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated malicious user to send an HTTP GET request to the crafted URLs.
Kaspersky Tinycheck
383
VMScore
CVE-2021-35503
Afian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs.
Afian Filerun 2021.03.26
505
VMScore
CVE-2001-0386
AnalogX SimpleServer:WWW 1.08 allows remote malicious users to cause a denial of service via an HTTP request to the /aux directory.
Analogx Simpleserver Www
1 EDB exploit
445
VMScore
CVE-2014-9634
Jenkins prior to 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote malicious users to capture cookies by intercepting their transmission within an HTTP session.
Jenkins Jenkins
231
VMScore
CVE-2012-4930
The SPDY protocol 3 and previous versions, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle malicious users to obtain plaint...
Google Chrome
Mozilla Firefox
445
VMScore
CVE-2020-28852
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
Golang Text
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »