VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-03-26
CVE-2022-39163
IBM Cognos Controller 11.0.0 through 11.1.0 is vulnerable to a Client-Side Desync (CSD) attack where an attacker could exploit a desynchronized browser connection that could lead to further cross-site scripting (XSS) attacks.
network
high complexity
CWE-444
4.7
4.7
2025-03-21
CVE-2025-30346
HTTP Request Smuggling vulnerability in multiple products
Varnish Cache before 7.6.2 and Varnish Enterprise before 6.0.13r10 allow client-side desync via HTTP/1 requests.
network
high complexity
varnish-software
varnish-cache-project
CWE-444
4.8
4.8
2025-01-28
CVE-2025-0752
A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6.
network
low complexity
CWE-444
6.3
6.3
2024-11-25
CVE-2024-9666
A vulnerability was found in the Keycloak Server.
local
high complexity
CWE-444
4.7
4.7
2024-10-08
CVE-2024-9622
A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques.
network
low complexity
CWE-444
5.3
5.3
2024-09-19
CVE-2024-45614
HTTP Request Smuggling vulnerability in Puma
Puma is a Ruby/Rack web server built for parallelism.
network
high complexity
puma
CWE-444
5.4
5.4
2024-09-08
CVE-2024-42342
HTTP Request Smuggling vulnerability in Loway Queuemetrics 22.11.6/23.09/24.05
Loway - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
network
low complexity
loway
CWE-444
4.3
4.3
2024-06-10
CVE-2024-22279
HTTP Request Smuggling vulnerability in Cloudfoundry Cf-Deployment and Routing Release
Improper handling of requests in Routing Release > v0.273.0 and <= v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at scale.
network
low complexity
cloudfoundry
CWE-444
7.5
7.5
2024-06-04
CVE-2024-23326
HTTP Request Smuggling vulnerability in Envoyproxy Envoy
Envoy is a cloud-native, open source edge and service proxy.
network
low complexity
envoyproxy
CWE-444
8.2
8.2
2024-01-22
CVE-2023-52354
HTTP Request Smuggling vulnerability in Blitiri Chasquid
chasquid before 1.13 allows SMTP smuggling because LF-terminated lines are accepted.
network
low complexity
blitiri
CWE-444
7.5
7.5
«
1
(current)
2
3
4
5
...
15
16
»
Next