http-proxy vulnerabilities and exploits
6.8
CVSSv2
CVE-2006-5037
MySource Matrix after 3.8 allows remote malicious users to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the rese...
Squiz Mysource Matrix 3.8.6a
Squiz Mysource Matrix 3.8.2
Squiz Mysource Matrix 3.8.3
Squiz Mysource Matrix 3.10.1
Squiz Mysource Matrix 3.8.4
Squiz Mysource Matrix 3.8
Squiz Mysource Matrix 3.10
Squiz Mysource Matrix 3.8.5
10
CVSSv2
CVE-2001-0129
Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary commands via a long connect request.
Tinyproxy Tinyproxy 1.3.3
Tinyproxy Tinyproxy
1 EDB exploit
7.8
CVSSv2
CVE-2007-3253
Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) prior to 7.005 allow remote malicious users to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy dur...
Astaro Security Gateway 7.0
NA
CVE-2022-42915
curl prior to 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might ref...
Haxx Curl
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Ontap 9 -
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
7.1
CVSSv2
CVE-2022-23018
On BIG-IP AFM version 16.1.x prior to 16.1.2, 15.1.x prior to 15.1.4.1, 14.1.x prior to 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Man...
F5 Big-ip Advanced Firewall Manager
7.1
CVSSv2
CVE-2022-23021
On BIG-IP version 16.1.x prior to 16.1.2, when any of the following configurations are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate: HTTP redirect rule in an LTM policy, BIG-IP APM Access Profile, and Explici...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
3.3
CVSSv2
CVE-2022-32290
The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network int...
Northern.tech Mender 3.2.1
Northern.tech Mender 3.2.2
Northern.tech Mender 3.2.0
3.3
CVSSv2
CVE-2020-6868
There is an input validation vulnerability in a PON terminal product of ZTE, which supports the creation of WAN connections through WEB management pages. The front-end limits the length of the WAN connection name that is created, but the HTTP proxy is available to be used to bypa...
Zte F680 Firmware Zxhn F680v9.0.10p1n6
4.3
CVSSv2
CVE-2005-2088
The Apache HTTP server prior to 1.3.34, and 2.0.x prior to 2.0.55, when acting as an HTTP proxy, allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chu...
Apache Http Server
Debian Debian Linux 3.1
Debian Debian Linux 3.0
7.8
CVSSv2
CVE-2013-1155
The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 prior to 3.2(20.1), 4.0 prior to 4.0(15.2), and 4.1 prior to 4.1(5.1) allows remote malicious users to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624.
Cisco Firewall Services Module Software 3.2(11)
Cisco Firewall Services Module Software 3.2(10)
Cisco Firewall Services Module Software 3.2(9)
Cisco Firewall Services Module Software 3.2(8)
Cisco Firewall Services Module Software 4.0(4)
Cisco Firewall Services Module Software 4.0(14)
Cisco Firewall Services Module Software 4.0(7)
Cisco Firewall Services Module Software 4.0(6)
Cisco Firewall Services Module Software 3.1
Cisco Firewall Services Module Software 3.2(18)
Cisco Firewall Services Module Software 3.2(15)
Cisco Firewall Services Module Software 3.2(6)
Cisco Firewall Services Module Software 3.2(5)
Cisco Firewall Services Module Software 4.0(15)
Cisco Firewall Services Module Software 4.0(2)
Cisco Firewall Services Module Software 4.0(8)
Cisco Firewall Services Module Software 4.0(11)
Cisco Firewall Services Module Software 4.0(13)
Cisco Firewall Services Module Software 4.1(4)
Cisco Firewall Services Module Software 3.2(14)
Cisco Firewall Services Module Software 3.2
Cisco Firewall Services Module Software 3.2(1)