Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proxy vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-22336
IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395.
Ibm Sterling Secure Proxy 6.0.2
Ibm Sterling Secure Proxy 3.4.3.2
Ibm Sterling External Authentication Server 6.0.2.0
Ibm Sterling External Authentication Server 3.4.3.2
Ibm Sterling External Authentication Server 6.0.3.0
Ibm Sterling Secure Proxy 6.0.3.0
5
CVSSv2
CVE-2021-29722
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 201095.
Ibm Sterling External Authentication Server 2.4.3.2
Ibm Sterling External Authentication Server 6.0.1.0
Ibm Sterling External Authentication Server 6.0.2.0
Ibm Sterling Secure Proxy 3.4.3.2
Ibm Sterling Secure Proxy 6.0.1
Ibm Sterling Secure Proxy 6.0.2
4
CVSSv2
CVE-2021-29728
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: ...
Ibm Sterling External Authentication Server 2.4.3.2
Ibm Sterling External Authentication Server 6.0.1.0
Ibm Sterling External Authentication Server 6.0.2.0
Ibm Sterling Secure Proxy 3.4.3.2
Ibm Sterling Secure Proxy 6.0.1
Ibm Sterling Secure Proxy 6.0.2
5
CVSSv2
CVE-2021-29725
IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource leak.
Ibm Secure External Authentication Server 2.4.3.2
Ibm Secure External Authentication Server 6.0.1
Ibm Secure External Authentication Server 6.0.2
Ibm Sterling Secure Proxy 3.4.3.2
Ibm Sterling Secure Proxy 6.0.1
Ibm Sterling Secure Proxy 6.0.2
9
CVSSv2
CVE-2020-17505
Artica Web Proxy 4.30.000000 allows an authenticated remote malicious user to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.
Articatech Web Proxy 4.30.000000
7.5
CVSSv2
CVE-2020-17506
Artica Web Proxy 4.30.00000000 allows remote malicious user to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.
Articatech Web Proxy 4.30.000000
1 Github repository
3.5
CVSSv2
CVE-2022-28379
jc21.com Nginx Proxy Manager prior to 2.9.17 allows XSS during item deletion.
Nginxproxymanager Nginx Proxy Manager
9
CVSSv2
CVE-2019-7300
Artica Proxy 3.06.200056 allows remote malicious users to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field.
Articatech Artica Proxy 3.06.200056
NA
CVE-2023-23596
jc21 NGINX Proxy Manager up to and including 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, ...
Jc21 Nginx Proxy Manager
4.9
CVSSv2
CVE-2021-41130
Extensible Service Proxy, a.k.a. ESP is a proxy which enables API management capabilities for JSON/REST or gRPC API services. ESPv1 can be configured to authenticate a JWT token. Its verified JWT claim is passed to the application by HTTP header "X-Endpoint-API-UserInfo"...
Google Extensible Service Proxy
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »