Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-proxy vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-42916
In curl prior to 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be byp...
Haxx Curl
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
NA
CVE-2022-32221
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This f...
Haxx Curl
Netapp Clustered Data Ontap -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
445
VMScore
CVE-2005-2728
The byte-range filter in Apache 2.0 prior to 2.0.54 allows remote malicious users to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
Apache Http Server 2.0.42
Apache Http Server 2.0.47
Apache Http Server 2.0.50
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.52
Apache Http Server 2.0.53
Apache Http Server 2.0.51
Apache Http Server 2.0.28
Apache Http Server 2.0.41
Apache Http Server 2.0.49
Apache Http Server 2.0.9
Apache Http Server 2.0.32
Apache Http Server 2.0.38
Apache Http Server 2.0.48
Apache Http Server 2.0.45
Apache Http Server 2.0.40
Apache Http Server 2.0.36
Apache Http Server 2.0.46
Apache Http Server 2.0.43
445
VMScore
CVE-2020-8517
An issue exists in Squid prior to 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being ter...
Squid-cache Squid
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
383
VMScore
CVE-2011-1469
Unspecified vulnerability in the Streams component in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper.
Php Php 5.3.0
Php Php 5.3.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 4.4.3
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.13
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 5.2.11
Php Php 5.2.5
Php Php 5.2.1
Php Php 5.2.2
356
VMScore
CVE-2017-7479
OpenVPN versions prior to 2.3.15 and prior to 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
Openvpn Openvpn
Openvpn Openvpn 2.4.0
Openvpn Openvpn 2.4.1
890
VMScore
CVE-2005-2700
ssl_engine_kernel.c in mod_ssl prior to 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote malicious users to bypass intende...
Apache Http Server
Debian Debian Linux 3.1
Debian Debian Linux 3.0
Canonical Ubuntu Linux 4.10
Canonical Ubuntu Linux 5.04
445
VMScore
CVE-2017-7508
OpenVPN versions prior to 2.4.3 and prior to 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet.
Openvpn Openvpn
Openvpn Openvpn 2.4.1
Openvpn Openvpn 2.4.2
Openvpn Openvpn 2.4.0
1 Article
NA
CVE-2023-23916
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of a...
Haxx Curl
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Clustered Data Ontap -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
383
VMScore
CVE-2017-7521
OpenVPN versions prior to 2.4.3 and prior to 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().
Openvpn Openvpn
Openvpn Openvpn 2.4.0
Openvpn Openvpn 2.4.2
Openvpn Openvpn 2.4.1
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »