Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-proxy vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2011-4968
nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)
F5 Nginx 0.7.61
F5 Nginx 0.7.62
F5 Nginx 0.7.64
F5 Nginx 0.7.65
F5 Nginx 0.7.66
F5 Nginx 0.8.33
F5 Nginx 0.8.35
F5 Nginx 0.8.36
F5 Nginx 0.8.40
F5 Nginx 1.2.6
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2002-0847
tinyproxy HTTP proxy 1.5.0, 1.4.3, and previous versions allows remote malicious users to execute arbitrary code via memory that is freed twice (double-free).
Tinyproxy Tinyproxy 1.3.2
Tinyproxy Tinyproxy 1.3.3
Tinyproxy Tinyproxy 1.4.3
2.1
CVSSv2
CVE-2017-9271
The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local malicious users to gain access to proxies used.
Opensuse Zypper -
Fedoraproject Fedora 33
5
CVSSv2
CVE-2021-3116
before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py prior to 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or).
Proxy.py Project Proxy.py
5
CVSSv2
CVE-2010-4488
Google Chrome prior to 8.0.552.215 does not properly handle HTTP proxy authentication, which allows remote malicious users to cause a denial of service (application crash) via unspecified vectors.
Google Chrome
10
CVSSv2
CVE-2000-0376
Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote malicious users to execute arbitrary commands via a long HTTP GET request.
I-drive Filo 1.01
10
CVSSv2
CVE-2007-2031
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel prior to 20070413, might allow remote malicious users to execute arbitrary code via crafted transparent requests.
3proxy 3proxy
3 EDB exploits
5
CVSSv2
CVE-2005-2730
The HTTP proxy in Astaro Security Linux 6.0 allows remote malicious users to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.
Astaro Security Linux 6.001
7.5
CVSSv2
CVE-2005-2729
The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote malicious users to bypass firewall rules and connect to local services.
Astaro Security Linux 6.001
1 EDB exploit
7.5
CVSSv2
CVE-2003-0106
The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.
Symantec Enterprise Firewall 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »