Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proxy vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0541
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote malicious users to execute arbitrary code via a long password ("pass" variable).
National Science Foundation Squid Web Proxy Cache 2.5 Stable
National Science Foundation Squid Web Proxy Cache 3 Pre
2 EDB exploits
NA
CVE-2014-3015
Cross-site request forgery (CSRF) vulnerability in the Web player in IBM Sametime Proxy Server and Web Client 9.0 up to and including 9.0.0.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Sametime Proxy Server And Web Client 9.0.0.1
Ibm Sametime Proxy Server And Web Client 9.0.0.0
9.8
CVSSv3
CVE-2019-10196
A flaw was found in http-proxy-agent, prior to version 2.1.0. It exists http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure throug...
Http-proxy-agent Project Http-proxy-agent
Fedoraproject Fedora 27
Redhat Software Collections -
Redhat Enterprise Linux 7.0
8.2
CVSSv3
CVE-2020-4462
IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability t...
Ibm Sterling External Authentication Server 2.4.2.0
Ibm Sterling External Authentication Server 2.4.3.2
Ibm Sterling External Authentication Server 6.0.0.0
Ibm Sterling External Authentication Server 6.0.1.0
Ibm Sterling Secure Proxy 3.4.2.0
Ibm Sterling Secure Proxy 3.4.3.0
Ibm Sterling Secure Proxy 6.0.0.0
Ibm Sterling Secure Proxy 6.0.1.0
7.8
CVSSv3
CVE-2022-31590
SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated pr...
Sap Powerdesigner Proxy 16.7
4
CVSSv3
CVE-2022-27820
OWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify the TLS certificate chain of an HTTPS server.
Owasp Zed Attack Proxy
8.8
CVSSv3
CVE-2023-32987
A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and previous versions allows malicious users to connect to an attacker-specified LDAP server using attacker-specified credentials.
Jenkins Reverse Proxy Auth
7.5
CVSSv3
CVE-2023-32111
In SAP PowerDesigner (Proxy) - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of th...
Sap Powerdesigner Proxy 16.7
4.8
CVSSv3
CVE-2022-28379
jc21.com Nginx Proxy Manager prior to 2.9.17 allows XSS during item deletion.
Nginxproxymanager Nginx Proxy Manager
7.1
CVSSv3
CVE-2022-21697
Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy before 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploying Jupyter Server or Notebook with jupyter-proxy-server extension enabled is affe...
Jupyter Jupyter Server Proxy
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »