Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-444

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Parent: CWE-436 - Interpretation Conflict

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

315 vulnerabilities with CWE-444

CVE-2024-23316 HIGH

Ping Identity PingAccess <8.0.1 - Open Redirect

CVE-2024-34350 HIGH

Next.js <13.5.1 - Use After Free

CVE-2024-27982 MEDIUM

Node - HTTP Request Smuggling

CVE-2024-32638 MEDIUM

Apache Apisix - HTTP Request Smuggling

CVE-2024-21088 HIGH

Oracle E-business Suite < 12.2.12 - HTTP Request Smuggling

CVE-2024-1135 HIGH

Gunicorn - HTTP Request Smuggling

CVE-2024-24795 MEDIUM

Apache HTTP Server <2.4.59 - SSRF

CVE-2024-27922 CRITICAL

Tomphttp Tomp Bare Server < 2.0.2 - HTTP Request Smuggling

CVE-2024-22081 CRITICAL

Espec G5 <1.1.4.15 - Memory Corruption

CVE-2024-27439 MEDIUM

Apache Wicket <9.16.0 - Auth Bypass

CVE-2024-20915 MEDIUM

Oracle Application Object Library < 12.2.13 - HTTP Request Smuggling

CVE-2024-23452 HIGH

Apache Brpc < 1.8.0 - HTTP Request Smuggling

CVE-2024-23829 MEDIUM

Aiohttp < 3.9.2 - HTTP Request Smuggling

CVE-2024-21647 MEDIUM

Puma < 5.6.8 - HTTP Request Smuggling

CVE-2023-53878 HIGH

Member Login Script 3.3 - SSRF

CVE-2023-29476 CRITICAL

Menlo On-Premise Appliance <2.88 - Info Disclosure

CVE-2023-4639 HIGH

Undertow - SSRF

CVE-2023-38522 HIGH

Apache Traffic Server <8.1.10, <9.2.4 - SSRF

CVE-2023-50811 MEDIUM

Seling Visual Access Manager - HTTP Request Smuggling

CVE-2023-51747 HIGH

Apache James <3.8.1-3.7.5 - SMTP Smuggling

CVE-2023-52354 HIGH

Blitiri Chasquid < 1.13 - HTTP Request Smuggling

CVE-2023-51701 MEDIUM

Fastify Reply From <9.6.0 - CSRF

CVE-2023-49584 MEDIUM

SAP Fiori Launchpad - HTTP Request Smuggling

CVE-2023-46589 HIGH

Apache Tomcat <11.0.0-M10 - Request Smuggling

CVE-2023-48365 CRITICAL KEV

Qlik Sense - HTTP Request Smuggling

Previous Page 5 of 13 Next

Details

Vulnerabilities 315

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy