Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tinyproxy tinyproxy vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0847
tinyproxy HTTP proxy 1.5.0, 1.4.3, and previous versions allows remote malicious users to execute arbitrary code via memory that is freed twice (double-free).
Tinyproxy Tinyproxy 1.3.2
Tinyproxy Tinyproxy 1.3.3
Tinyproxy Tinyproxy 1.4.3
NA
CVE-2012-3505
Tinyproxy 1.8.3 and previous versions allows remote malicious users to cause a denial of service (CPU and memory consumption) via (1) a large number of headers or (2) a large number of forged headers that trigger hash collisions predictably. bucket.
Banu Tinyproxy 1.7.1
Banu Tinyproxy 1.6.0
Banu Tinyproxy 1.5.0
Banu Tinyproxy 1.5.2
Banu Tinyproxy 1.6.5
Banu Tinyproxy
Banu Tinyproxy 1.5.1
Banu Tinyproxy 1.5.3
Banu Tinyproxy 1.6.1
Banu Tinyproxy 1.6.4
Banu Tinyproxy 1.8.2
Banu Tinyproxy 1.7.0
Banu Tinyproxy 1.8.0
Banu Tinyproxy 1.6.2
Banu Tinyproxy 1.6.3
Banu Tinyproxy 1.8.1
NA
CVE-2011-1843
Integer overflow in conf.c in Tinyproxy prior to 1.8.3 might allow remote malicious users to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers.
Banu Tinyproxy
Banu Tinyproxy 1.6.0
Banu Tinyproxy 1.6.4
Banu Tinyproxy 1.5.0
Banu Tinyproxy 1.5.1
Banu Tinyproxy 1.5.3
Banu Tinyproxy 1.6.1
Banu Tinyproxy 1.6.2
Banu Tinyproxy 1.5.2
Banu Tinyproxy 1.7.1
Banu Tinyproxy 1.7.0
Banu Tinyproxy 1.6.5
Banu Tinyproxy 1.8.1
Banu Tinyproxy 1.8.0
Banu Tinyproxy 1.6.3
NA
CVE-2001-0129
Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary commands via a long connect request.
Tinyproxy Tinyproxy 1.3.3
Tinyproxy Tinyproxy
1 EDB exploit
NA
CVE-2011-1499
acl.c in Tinyproxy prior to 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote malicious users to hide the origin of web traffic by leveraging the open HTTP proxy server.
Banu Tinyproxy 1.7.1
Banu Tinyproxy 1.7.0
Banu Tinyproxy 1.6.0
Banu Tinyproxy 1.5.0
Banu Tinyproxy 1.5.1
Banu Tinyproxy
Banu Tinyproxy 1.6.2
Banu Tinyproxy 1.5.3
Banu Tinyproxy 1.8.1
Banu Tinyproxy 1.8.0
Banu Tinyproxy 1.6.4
Banu Tinyproxy 1.6.3
Banu Tinyproxy 1.6.5
Banu Tinyproxy 1.6.1
Banu Tinyproxy 1.5.2
Debian Debian Linux 6.0
7.5
CVSSv3
CVE-2022-40468
Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and previous versions use uninitialized buffers in process_request() function.
Tinyproxy Project Tinyproxy
5.5
CVSSv3
CVE-2017-11747
main.c in Tinyproxy 1.8.4 and previous versions creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification befo...
Tinyproxy Project Tinyproxy
9.8
CVSSv3
CVE-2023-49606
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attack...
4 Github repositories
1 Article
NA
CVE-2023-40533
Rejected reason: This CVE ID is a duplicate of CVE-2022-40468
NA
CVE-2017-111747
tinyproxy: CVE-2017-11747: Creating PID file after privileges dropping allows local DoS
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started