Falhas do tipo CWE-444
235 resultadosCVE-2024-38494HIGHSymantec Privileged Access Manager Remote Command Execution vulnerabilityEPSS 0.6%CVE-2024-53868HIGHApache Traffic Server: Malformed chunked message body allows request smugglingEPSS 0.6%CVE-2020-5218MEDIUMAbility in Sylius to switch channels via GET parameter enabled in production environmentsEPSS 0.6%CVE-2022-31109HIGHHTTP Host Header Attack Vulnerability in laminas-diactorosEPSS 0.6%CVE-2024-35538MEDIUMTypecho v1.3.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifyEPSS 0.6%CVE-2023-33987HIGHRequest smuggling and request concatenation in SAP Web DispatcherEPSS 0.6%CVE-2024-52304MEDIUMaiohttp vulnerable to request smuggling due to incorrect parsing of chunk extensionsEPSS 0.6%CVE-2026-23527HIGHh3 v1 has Request Smuggling (TE.TE) issueEPSS 0.6%CVE-2024-56908MEDIUMIn Perfex Crm < 3.2.1, an authenticated attacker can send a crafted HTTP POST request to the affected upload_sales_file endpoint. By providiEPSS 0.6%CVE-2024-23316HIGHPingAccess HTTP Request Desynchronization WeaknessEPSS 0.5%CVE-2021-33683MEDIUMSAP Web Dispatcher and Internet Communication Manager (ICM), versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22EPSS 0.5%CVE-2024-56523CRITICALRadware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by placing random data in EPSS 0.5%CVE-2026-23941HIGHRequest smuggling via first-wins Content-Length parsing in inets httpdEPSS 0.5%CVE-2026-2332HIGHHTTP Request Smuggling via Chunked Extension Quoted-String ParsingEPSS 0.5%CVE-2025-43859CRITICALh11 accepts some malformed Chunked-Encoding bodiesEPSS 0.5%CVE-2024-21088HIGHVulnerability in the Oracle Production Scheduling product of Oracle E-Business Suite (component: Import Utility). Supported versions that aEPSS 0.5%CVE-2025-6999MEDIUMWatchGuard Firebox Authentication Portal Request Smuggling VulnerabilityEPSS 0.5%CVE-2026-39805MEDIUMCL.CL HTTP request smuggling via duplicate Content-Length in banditEPSS 0.5%CVE-2025-32094MEDIUMAn issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client makingEPSS 0.5%CVE-2025-61258HIGHOutsystems Platform Server 11.18.1.37828 allows attackers to cause a denial of service via a crafted content-length value mismatching the boEPSS 0.5%