16 matches found
Fedora: Security Advisory (FEDORA-2024-f6b87970b3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2025-0003)
The remote host is missing an update for the...
Ubuntu: Security Advisory (USN-7190-1)
The remote host is missing an update for the...
Fedora 41 : tinyproxy (2024-f6b87970b3)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f6b87970b3 advisory. Automatic update for tinyproxy-1.11.2-1.fc41. Changelog Tue Jul 16 2024 Carl George - 1.11.2-1 - Update to version 1.11.2 rhbz2298298 - Fixes CVE-2023-49606...
[SECURITY] [DLA 3892-1] tinyproxy security update
Debian LTS Advisory DLA-3892-1 https://www.debian.org/lts/security/ Thorsten Alteholz September 18, 2024 https://wiki.debian.org/LTS ...
Debian dla-3892 : tinyproxy - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3892 advisory. Debian LTS Advisory DLA-3892-1...
Fedora: Security Advisory (FEDORA-2024-661a8bb3b0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Tinyproxy <= 1.11.1 UAF Vulnerability
Tinyproxy is prone to a use-after-free (UAF) vulnerability. CPE = "cpe:/a:banu:tinyproxy"; if...
Debian dsa-5705 : tinyproxy - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5705 advisory. Debian Security Advisory DSA-5705-1 https://www.debian.org/security/ Moritz...
Security update for tinyproxy (important)
openSUSE Security Update: Security update for tinyproxy Announcement ID: openSUSE-SU-2024:0119-1 Rating: important References: 1200028 1203553 1223743 1223746 Cross-References: CVE-2012-3505 CVE-2017-11747 CVE-2022-40468 CVE-2023-40533 CVE-2023-49606 CVSS scores: CVE-2017-11747 NVD : 5.5...
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution
More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that's vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which...
CVE-2023-49606
creationtimestamp | type | source
--- | --- | ---
2024-05-06 10:39:55+00:00 | seen | https://t.me/HackingInsights/85
2024-05-06 13:34:11+00:00 | published-proof-of-concept | https://t.me/HackingInsights/93
2024-05-06 16:50:19+00:00 | seen | https://t.me/KomunitiSiber/1899
2024-05-06 17:01:06+00:00 | seen | ...
CVE-2023-49606
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make ...
ALPINE-CVE-2023-49606
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make ...
CVE-2023-49606
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make ...
CVE-2023-49606
CVE-2023-49606 is a use-after-free in Tinyproxy’s HTTP Connection Headers parsing (affecting 1.11.1 and 1.10.0). A specially crafted, unauthenticated HTTP request can trigger reuse of freed memory, causing memory corruption and potentially remote code execution. Public advisories confirm fixes in...