proxy server vulnerabilities and exploits
5
CVSSv2
CVE-2000-0659
Buffer overflow in AnalogX proxy server 4.04 and previous versions allows remote malicious users to cause a denial of service via a long user ID in a SOCKS4 CONNECT request.
Analogx Proxy 4.4
10
CVSSv2
CVE-2020-13159
Artica Proxy prior to 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclient_mac, Hostname, or Alias field. NOTE: this may overlap CVE-2020-10818.
Articatech Artica Proxy
1 Github repository
NA
CVE-2023-48312
capsule-proxy is a reverse proxy for the capsule operator project. Affected versions are subject to a privilege escalation vulnerability which is based on a missing check if the user is authenticated based on the `TokenReview` result. All the clusters running with the `anonymous-...
Clastix Capsule-proxy
7.5
CVSSv2
CVE-2020-14359
A vulnerability was found in all versions of Keycloak Gatekeeper, where on using lower case HTTP headers (via cURL) an attacker can bypass our Gatekeeper. Lower case headers are also accepted by some webservers (e.g. Jetty). This means there is no protection when we put a Gatekee...
Redhat Louketo Proxy
7.5
CVSSv2
CVE-2002-0371
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 up to and including 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote malicious users to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a...
Microsoft Internet Explorer 6.0
Microsoft Isa Server 2000
Microsoft Internet Explorer 5.0.1
Microsoft Proxy Server 2.0
Microsoft Internet Explorer 5.5
University Of Minnesota Gopher
1 EDB exploit
6.5
CVSSv2
CVE-2022-23652
capsule-proxy is a reverse proxy for Capsule Operator which provides multi-tenancy in Kubernetes. In versions before 0.2.1 an attacker with a proper authentication mechanism may use a malicious `Connection` header to start a privilege escalation attack towards the Kubernetes API ...
Clastix Capsule-proxy
3.6
CVSSv2
CVE-2021-3456
An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local malicious user to access and delete limited resources ...
Theforeman Smart Proxy Salt
4.3
CVSSv2
CVE-2022-27820
OWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify the TLS certificate chain of an HTTPS server.
Owasp Zed Attack Proxy
5
CVSSv2
CVE-2021-23664
The package @isomorphic-git/cors-proxy prior to 2.7.1 is vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js.
Isomorphic-git Cors-proxy
NA
CVE-2023-32987
A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and previous versions allows malicious users to connect to an attacker-specified LDAP server using attacker-specified credentials.
Jenkins Reverse Proxy Auth