Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-proxy vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2002-0847
tinyproxy HTTP proxy 1.5.0, 1.4.3, and previous versions allows remote malicious users to execute arbitrary code via memory that is freed twice (double-free).
Tinyproxy Tinyproxy 1.3.2
Tinyproxy Tinyproxy 1.3.3
Tinyproxy Tinyproxy 1.4.3
516
VMScore
CVE-2011-4968
nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)
F5 Nginx 0.7.61
F5 Nginx 0.7.62
F5 Nginx 0.7.64
F5 Nginx 0.7.65
F5 Nginx 0.7.66
F5 Nginx 0.8.33
F5 Nginx 0.8.35
F5 Nginx 0.8.36
F5 Nginx 0.8.40
F5 Nginx 1.2.6
Debian Debian Linux 8.0
NA
CVE-2022-43551
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mecha...
Haxx Curl
Fedoraproject Fedora 37
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
445
VMScore
CVE-2021-3116
before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py prior to 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or).
Proxy.py Project Proxy.py
445
VMScore
CVE-2010-4488
Google Chrome prior to 8.0.552.215 does not properly handle HTTP proxy authentication, which allows remote malicious users to cause a denial of service (application crash) via unspecified vectors.
Google Chrome
890
VMScore
CVE-2000-0376
Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote malicious users to execute arbitrary commands via a long HTTP GET request.
I-drive Filo 1.01
445
VMScore
CVE-2005-2730
The HTTP proxy in Astaro Security Linux 6.0 allows remote malicious users to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.
Astaro Security Linux 6.001
1000
VMScore
CVE-2007-2031
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel prior to 20070413, might allow remote malicious users to execute arbitrary code via crafted transparent requests.
3proxy 3proxy
3 EDB exploits
755
VMScore
CVE-2005-2729
The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote malicious users to bypass firewall rules and connect to local services.
Astaro Security Linux 6.001
1 EDB exploit
755
VMScore
CVE-2003-0803
Nokia Electronic Documentation (NED) 5.0 allows remote malicious users to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.
Nokia Electronic Documentation 5.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »