proxy vulnerabilities and exploits
6.1
CVSSv3
CVE-2020-11053
In OAuth2 Proxy prior to 5.1.1, there is an open redirect vulnerability. Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This re...
Oauth2 Proxy Project Oauth2 Proxy
5.5
CVSSv3
CVE-2021-21411
OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based authorization in the GitLab provider stopped working in the v7.0.0 release. Regardless of the flag settings, authorization w...
Oauth2 Proxy Project Oauth2 Proxy
7.5
CVSSv3
CVE-2017-16014
Http-proxy is a proxying library. Because of the way errors are handled in versions prior to 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.
Http-proxy Project Http-proxy
NA
CVE-2008-0633
Buffer overflow in Anon Proxy Server 0.102 and previous versions, when user authentication is enabled, allows remote malicious users to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping.
Anon Proxy Server Anon Proxy Server
1 EDB exploit
8.8
CVSSv3
CVE-2017-1000069
CSRF in Bitly oauth2_proxy 2.1 during authentication flow
Oauth2 Proxy Project Oauth2 Proxy 2.1
NA
CVE-2008-4541
Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 up to and including 4.0.7 allows remote malicious users to execute arbitrary code via a crafted HTTP GET request.
Sun Java System Web Proxy Server 4.0
Sun Java System Web Proxy Server 4.0.1
Sun Java System Web Proxy Server 4.0.3
Sun Java System Web Proxy Server 4.0.4
Sun Java System Web Proxy Server 4.0.6
Sun Java System Web Proxy Server 4.0.5
Sun Java System Web Proxy Server 4.0.7
Sun Java System Web Proxy Server 4.0.2
7.5
CVSSv3
CVE-2017-16037
`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing malicious users to access any file in the system by placing '../' in the URL.
Gomeplus-h5-proxy Project Gomeplus-h5-proxy
9.1
CVSSv3
CVE-2018-3739
https-proxy-agent prior to 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the 'auth' parameter (e.g. JSON).
Https-proxy-agent Project Https-proxy-agent
NA
CVE-2007-6459
Anon Proxy Server 0.100, and probably 0.101, allows remote malicious users to execute arbitrary commands via shell metacharacters in (1) the host parameter to diagdns.php, and (2) the host parameter and possibly (3) the port parameter to diagconnect.php, a different vulnerability...
Anon Proxy Server Anon Proxy Server 0.100
1 EDB exploit
NA
CVE-2007-6460
Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server prior to 0.101 allow remote malicious users to inject arbitrary web script or HTML via the URI, which is later displayed by (1) log.php or (2) logerror.php, a different vulnerability than CVE-2007-6459.
Anon Proxy Server Anon Proxy Server 0.101