Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proxy server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45226
The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is only exposed...
F5 Big-ip Next Service Proxy For Kubernetes 1.5.0
5
CVSSv2
CVE-2021-34737
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote malicious user to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4...
Cisco Ios Xr
1.7
CVSSv2
CVE-2017-7995
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions prior to 4...
Xen Xen
Novell Suse Linux Enterprise Point Of Sale 11.0
Novell Suse Linux Enterprise Server 11.0
Suse Manager Proxy 2.1
Suse Manager 2.1
Suse Openstack Cloud 5
NA
CVE-2023-43762
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
Withsecure F-secure Policy Manager 15.00
Withsecure Policy Manager Proxy 15.00
7.2
CVSSv2
CVE-2022-27239
In cifs-utils up to and including 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Samba Cifs-utils
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Suse Linux Enterprise Server 11
Suse Openstack Cloud 8.0
Suse Linux Enterprise Server 15
Suse Linux Enterprise Software Development Kit 12
Suse Openstack Cloud Crowbar 8.0
Suse Openstack Cloud Crowbar 9.0
Suse Openstack Cloud 9.0
Suse Linux Enterprise Server 12
Suse Manager Server 4.1
Suse Linux Enterprise Desktop 15
Suse Enterprise Storage 7.0
Suse Caas Platform 4.0
Suse Enterprise Storage 6.0
Suse Manager Proxy 4.1
Suse Linux Enterprise High Performance Computing 12.0
Suse Linux Enterprise High Performance Computing 15.0
Suse Linux Enterprise Real Time 15.0
Suse Linux Enterprise Point Of Service 11.0
7.5
CVSSv2
CVE-2003-1286
HTTP Proxy in Sambar Server prior to 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote malicious users to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive&...
Sambar Sambar Server 5.0
Sambar Sambar Server 5.1
Sambar Sambar Server 6.0
Sambar Sambar Server 5.2
Sambar Sambar Server 5.3
1 EDB exploit
4.3
CVSSv2
CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x up to and including 1.3.42, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch patt...
Apache Http Server 1.3.38
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.10
Apache Http Server 1.3.33
Apache Http Server 1.3.8
Apache Http Server 1.3.36
Apache Http Server 1.3.16
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.31
Apache Http Server 1.3.68
Apache Http Server 1.3.24
Apache Http Server 1.3.5
Apache Http Server 1.3.20
Apache Http Server 1.3.35
Apache Http Server 1.3.6
Apache Http Server 1.3.2
Apache Http Server 1.3.34
Apache Http Server 1.3.4
1 EDB exploit
5
CVSSv2
CVE-2019-1886
A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certi...
Cisco Asyncos
Cisco Web Security Appliance 10.5.2-072
Cisco Web Security Appliance 11.7.0-fcs-334
Cisco Web Security Appliance 10.5.3-025
6
CVSSv2
CVE-2020-4432
Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810.
Ibm Aspera Application Platform On Demand
Ibm Aspera Faspex On Demand
Ibm Aspera High-speed Transfer Endpoint
Ibm Aspera High-speed Transfer Server
Ibm Aspera High-speed Transfer Server For Cloud Pak For Integration
Ibm Aspera Proxy Server
Ibm Aspera Server On Demand
Ibm Aspera Shares On Demand
Ibm Aspera Streaming
Ibm Aspera Transfer Cluster Manager
9.3
CVSSv2
CVE-2020-4433
Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with the privileges of root or cause server to cra...
Ibm Aspera Application Platform On Demand
Ibm Aspera Faspex On Demand
Ibm Aspera High-speed Transfer Endpoint
Ibm Aspera High-speed Transfer Server
Ibm Aspera High-speed Transfer Server For Cloud Pak For Integration
Ibm Aspera Proxy Server
Ibm Aspera Server On Demand
Ibm Aspera Shares On Demand
Ibm Aspera Streaming
Ibm Aspera Transfer Cluster Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »