Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-8024 | 1 Mcafee | 1 Virusscan Enterprise | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing. | |||||
CVE-2016-5325 | 2 Nodejs, Suse | 2 Node.js, Linux Enterprise | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the reason argument. | |||||
CVE-2016-4993 | 1 Redhat | 3 Enterprise Linux, Jboss Enterprise Application Platform, Jboss Wildfly Application Server | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | |||||
CVE-2015-0733 | 1 Cisco | 1 Headend Digital Broadband Delivery System | 2024-02-28 | 4.3 MEDIUM | N/A |
CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580. | |||||
CVE-2016-6839 | 1 Huawei | 1 Fusionaccess | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | |||||
CVE-2016-5699 | 1 Python | 1 Python | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL. | |||||
CVE-2007-5595 | 1 Drupal | 1 Drupal | 2024-02-28 | 5.1 MEDIUM | N/A |
CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x before 4.7.8 and 5.x before 5.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. |