Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected d
Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web applications through the VPN tunnel. Although such appl
Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated attackers to access the stats page by injecting a matc
The mirror-registry doesn't properly sanitize the host header HTTP header in HTTP request received, allowing an attacker to perform malicious redirects to attacker-controlled domains or phishing campa
The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP ad
CVE-2024-11986
CRITICAL CVSS 9.6
Find Similar
Improper input handling in the 'Host Header' allows an unauthenticated attacker to store a payload in web application logs. When an Administrator views the logs using the application's standard functi
CVE-2026-28367
CRITICAL CVSS 9.1
Find Similar
A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\r\r\r` as a header block terminator. This can be used for request smuggling with certain proxy servers, such
HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP res
Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')   The software does not neutralize or incorrectly neutra
A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. Both the SHA-1 hash of the password as well as the
In Xerox Workplace Suite, an API restricted to specific hosts can be bypassed by manipulating the Host header. If the server improperly validates or trusts the Host header without verifying the actual
An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal netwo
CVE-2026-2833
CRITICAL CVSS 9.3
Find Similar
An HTTP request smuggling vulnerability (CWE-444) was found in Pingora's handling of HTTP/1.1 connection upgrades. The issue occurs when a Pingora proxy reads a request containing an Upgrade header, c
OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit this by se
An HTTP Request Smuggling [CWE-444] vulnerability in the Authentication portal of WatchGuard Fireware OS allows a remote attacker to evade request parameter sanitation and perform a reflected self-Cro
Overview   The software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users. (CWE-79)
Overview   The software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users. (CWE-79)
GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External En
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLS_HOST
JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Hos
Page 1+ Next →