Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-proxy vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-16014
Http-proxy is a proxying library. Because of the way errors are handled in versions prior to 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.
Http-proxy Project Http-proxy
7.5
CVSSv2
CVE-2021-21322
fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user e...
Fastify-http-proxy Project Fastify-http-proxy
9
CVSSv2
CVE-2019-10196
A flaw was found in http-proxy-agent, prior to version 2.1.0. It exists http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure throug...
Http-proxy-agent Project Http-proxy-agent
Fedoraproject Fedora 27
Redhat Software Collections -
Redhat Enterprise Linux 7.0
5.1
CVSSv2
CVE-2006-4450
usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote malicious users to use the server as a web proxy by submitting a URL to the avatarurl parameter, which is then used in an HTTP GET request.
Phpbb Group Phpbb 2.0.20
1 EDB exploit
4.3
CVSSv2
CVE-2008-7025
TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service (crash) and disable the HIDS module via a crafted response.
Checkpoint Zonealarm 8.0.020.000
1 EDB exploit
5
CVSSv2
CVE-2006-2341
The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote malicious users to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separ...
Symantec Gateway Security 2.0.1
Symantec Gateway Security 3.0
Symantec Enterprise Firewall 8.0
Symantec Gateway Security 5000 Series 2.0.1
Symantec Gateway Security 5000 Series 3.0
1 EDB exploit
5
CVSSv2
CVE-2003-0807
Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote malicious users to cause a denial of service via a crafted request.
Microsoft Windows Nt 4.0
Microsoft Windows 2000
Microsoft Windows 2003 Server R2
Microsoft Windows Xp
7.5
CVSSv2
CVE-2005-1340
The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote malicious users to use the proxy.
Apple Mac Os X 10.3.9
4.3
CVSSv2
CVE-2019-6158
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. This only affects LXCA when HTTP proxy credentials have been configured. This affects LXCA versions 2.0.0 to 2.3.x.
Lenovo Xclarity Administrator
7.5
CVSSv2
CVE-2002-0847
tinyproxy HTTP proxy 1.5.0, 1.4.3, and previous versions allows remote malicious users to execute arbitrary code via memory that is freed twice (double-free).
Tinyproxy Tinyproxy 1.3.2
Tinyproxy Tinyproxy 1.3.3
Tinyproxy Tinyproxy 1.4.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »