Falhas do tipo CWE-444
235 resultadosCVE-2022-38114MEDIUMClient-Side Desync Vulnerability EPSS 0.5%CVE-2024-44775HIGHkmqtt v0.2.7 is vulnerable to Denial of Service (DoS) due to a Null Pointer Exception. A remote attacker can cause the broker to crash by seEPSS 0.5%CVE-2025-14523HIGHLibsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)EPSS 0.5%CVE-2024-20915MEDIUMVulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login - SSO). Supported versions thatEPSS 0.5%CVE-2026-1525MEDIUMundici is vulnerable to Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')EPSS 0.5%CVE-2024-49768CRITICALWaitress has request processing race condition in HTTP pipelining with invalid first requestEPSS 0.5%CVE-2026-40560HIGHStarman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header PrecedenceEPSS 0.5%CVE-2023-51701MEDIUM@fastify-reply-from JSON Content-Type parsing confusionEPSS 0.5%CVE-2023-49584MEDIUMClient-Side Desynchronization vulnerability in SAP Fiori LaunchpadEPSS 0.5%CVE-2024-29643CRITICALAn issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component.EPSS 0.5%CVE-2023-52354HIGHchasquid before 1.13 allows SMTP smuggling because LF-terminated lines are accepted.EPSS 0.5%CVE-2026-28497CRITICALTinyWeb: Integer Overflow in `_Val` (HTTP Request Smuggling)EPSS 0.5%CVE-2025-23167MEDIUMA flaw in Node.js 20's HTTP parser allows improper termination of HTTP/1 headers using `\r\n\rX` instead of the required `\r\n\r\n`.
This inEPSS 0.5%CVE-2026-33870HIGHNetty: HTTP Request Smuggling via Chunked Extension Quoted-String ParsingEPSS 0.5%CVE-2023-50811MEDIUMAn issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the “computer” POST parameter related to the ID of a EPSS 0.5%CVE-2026-24880HIGHApache Tomcat: Request smuggling via invalid chunk extensionEPSS 0.5%CVE-2026-41873CRITICALPony Mail: Admin account takeover via request smugglingEPSS 0.4%CVE-2024-27185CRITICAL[20240802] - Core - Cache Poisoning in PaginationEPSS 0.4%CVE-2025-65114HIGHApache Traffic Server: Malformed chunked message body allows request smugglingEPSS 0.4%CVE-2026-29057MEDIUMNext.js: HTTP request smuggling in rewritesEPSS 0.4%