Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-proxy vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2003-0803
Nokia Electronic Documentation (NED) 5.0 allows remote malicious users to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.
Nokia Electronic Documentation 5.0
1 EDB exploit
6.4
CVSSv2
CVE-2022-29188
Smokescreen is an HTTP proxy. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny a...
Stripe Smokescreen
5
CVSSv2
CVE-2019-4119
IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145.
Ibm Cloud Private 3.1.1
Ibm Cloud Private
Ibm Cloud Private 3.1.0
Ibm Cloud Private 3.1.2
5
CVSSv2
CVE-2006-4409
The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 up to and including 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.
Apple Mac Os X 10.4.1
Apple Mac Os X 10.4.2
Apple Mac Os X 10.4.5
Apple Mac Os X 10.4.6
Apple Mac Os X 10.4.3
Apple Mac Os X 10.4.4
Apple Mac Os X 10.4
Apple Mac Os X 10.4.7
Apple Mac Os X 10.4.8
2.6
CVSSv2
CVE-2011-1499
acl.c in Tinyproxy prior to 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote malicious users to hide the origin of web traffic by leveraging the open HTTP proxy server.
Banu Tinyproxy 1.7.1
Banu Tinyproxy 1.7.0
Banu Tinyproxy 1.6.0
Banu Tinyproxy 1.5.0
Banu Tinyproxy 1.5.1
Banu Tinyproxy
Banu Tinyproxy 1.6.2
Banu Tinyproxy 1.5.3
Banu Tinyproxy 1.8.1
Banu Tinyproxy 1.8.0
Banu Tinyproxy 1.6.4
Banu Tinyproxy 1.6.3
Banu Tinyproxy 1.6.5
Banu Tinyproxy 1.6.1
Banu Tinyproxy 1.5.2
Debian Debian Linux 6.0
5
CVSSv2
CVE-2006-1218
Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and previous versions allows remote malicious users to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1".
Novell Bordermanager 3.8
5.4
CVSSv2
CVE-2010-3281
Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote malicious users to execute arbitrary code or cause a denial of service (service crash) via a long request.
Alcatel-lucent Omnivista 4760 Server 4.1.13.00
Alcatel-lucent Omnivista 4760 Server 5.1
Alcatel-lucent Omnivista 4760 Server 5.0
Alcatel-lucent Omnivista 4760 Server 5.1.06.03.c
Alcatel-lucent Omnivista 4760 Server
7.5
CVSSv2
CVE-2002-0663
Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request.
Symantec Norton Internet Security 2001
Symantec Norton Personal Firewall 2001 3.0.4.91
7.5
CVSSv2
CVE-2002-0133
Buffer overflows in Avirt Gateway Suite 4.2 allow remote malicious users to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy.
Avirt Avirt Gateway 4.2
Avirt Avirt Gateway Suite 4.2
Avirt Avirt Soho 4.2
4.3
CVSSv2
CVE-2011-4661
A memory leak vulnerability exists in Cisco IOS prior to 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured.
Cisco Ios
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »