V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Filters

All vulnerabilities

25 / 25
Preset: exploit×Has exploit×CWE: CWE-444×Clear all
10.0
CVE-2022-22536CVE KEV
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SA…
2022-01-01KEV
EPSS97.9%
pct 99
9.9
CVE-2023-41265CVE KEV
An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions…
2023-01-01KEV
EPSS85.0%
pct 99
9.8
CVE-2023-25690ANC
Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP …
2023-01-01Pre-auth
EPSS83.8%
pct 99
9.9
CVE-2025-55315MSR
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Cor…
2025-01-01Microsoft
EPSS66.3%
pct 99
9.8
CVE-2021-30180CVE
Apache Dubbo prior to 2.7.9 support Tag routing which will enable a customer to route the reque…
2021-01-01Pre-auth
EPSS60.4%
pct 99
7.5
CVE-2021-40346AST
An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited t…
2021-01-01Pre-auth
EPSS56.1%
pct 98
6.5
CVE-2016-6816DEB
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to …
2016-01-01Pre-auth
EPSS39.6%
pct 98
8.3
CVE-2022-22720ANC
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encount…
2022-01-01Pre-auth
EPSS28.2%
pct 97
9.9
CVE-2023-48365CVE KEV
Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code…
2023-01-01KEV
EPSS24.7%
pct 97
6.5
CVE-2022-26377ANC
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_pr…
2022-01-01Pre-auth
EPSS18.9%
pct 96
5.3
CVE-2019-20372DEB
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as …
2019-01-01Pre-auth
EPSS15.0%
pct 96
9.8
CVE-2022-29361CVE
Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perf…
2022-01-01Pre-auth
EPSS7.7%
pct 93
6.5
CVE-2018-8004DEB
There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requ…
2018-01-01
EPSS6.3%
pct 92
7.4
CVE-2017-15643CVE
An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKAR…
2017-01-01
EPSS6.1%
pct 92
8.2
CVE-2023-25725AST
HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadverten…
2023-01-01Pre-auth
EPSS5.5%
pct 91
7.5
CVE-2020-25613AST
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WE…
2020-01-01Pre-auth
EPSS3.8%
pct 88
6.5
CVE-2017-2666DEB
It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid…
2017-01-01Pre-auth
EPSS2.7%
pct 84
2.6
CVE-2017-12165DEB
It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers …
2017-01-01
EPSS1.9%
pct 76
6.5
CVE-2017-7559DEB
In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, …
2017-01-01Pre-auth
EPSS1.7%
pct 74
5.3
CVE-2022-2466CVE
It was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead…
2022-01-01Pre-auth
EPSS1.4%
pct 69
7.5
CVE-2022-45059DEB
An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smu…
2022-01-01Pre-auth
EPSS1.2%
pct 64
7.5
CVE-2024-34350ANC
Next.js is a React framework that can provide building blocks to create web applications. Prior…
2024-01-01Pre-auth
EPSS1.2%
pct 62
7.5
CVE-2025-31137ANC
React Router is a multi-strategy router for React bridging the gap from React 18 to React 19. T…
2025-01-01Pre-auth
EPSS1.1%
pct 61
6.5
CVE-2026-48710DEB
Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP `Host` requ…
2026-01-01Pre-auth
EPSS1.0%
pct 58
6.5
CVE-2025-23167ANC
A flaw in Node.js 20's HTTP parser allows improper termination of HTTP/1 headers using `\r\n\rX…
2025-01-01Pre-auth
EPSS0.4%
pct 35
Select a vulnerability on the left to open the preview.