Lucene search
K

16 matches found

OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2024-f6b87970b3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.63076EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2025/01/13 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2025-0003)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.63076EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2025/01/09 12:0 a.m.15 views

Ubuntu: Security Advisory (USN-7190-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.63076EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.8 views

Fedora 41 : tinyproxy (2024-f6b87970b3)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f6b87970b3 advisory. Automatic update for tinyproxy-1.11.2-1.fc41. Changelog Tue Jul 16 2024 Carl George - 1.11.2-1 - Update to version 1.11.2 rhbz2298298 - Fixes CVE-2023-49606...

9.8CVSS6.1AI score0.63076EPSS
Exploits2References2
Debian
Debian
added 2024/09/18 9:15 p.m.10 views

[SECURITY] [DLA 3892-1] tinyproxy security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3892-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz September 18, 2024 https://wiki.debian.org/LTS -...

9.8CVSS7AI score0.63076EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2024/09/18 12:0 a.m.19 views

Debian dla-3892 : tinyproxy - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3892 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3892-1 [email protected]...

9.8CVSS6.6AI score0.63076EPSS
Exploits3References6
OpenVAS
OpenVAS
added 2024/08/06 12:0 a.m.12 views

Fedora: Security Advisory (FEDORA-2024-661a8bb3b0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.63076EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2024/06/06 12:0 a.m.36 views

Tinyproxy <= 1.11.1 UAF Vulnerability

Tinyproxy is prone to an use-after-free UAF vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:banu:tinyproxy"; if...

9.8CVSS9.6AI score0.63076EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/06/05 12:0 a.m.16 views

Debian dsa-5705 : tinyproxy - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5705 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5705-1 [email protected] https://www.debian.org/security/ Moritz...

9.8CVSS6AI score0.63076EPSS
Exploits2References4
OPENSUSE Linux
OPENSUSE Linux
added 2024/05/10 12:0 a.m.4 views

Security update for tinyproxy (important)

openSUSE Security Update: Security update for tinyproxy Announcement ID: openSUSE-SU-2024:0119-1 Rating: important References: 1200028 1203553 1223743 1223746 Cross-References: CVE-2012-3505 CVE-2017-11747 CVE-2022-40468 CVE-2023-40533 CVE-2023-49606 CVSS scores: CVE-2017-11747 NVD : 5.5...

7.5CVSS6.6AI score0.63076EPSS
Exploits3References4
The Hacker News
The Hacker News
added 2024/05/06 2:0 p.m.21 views

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution

More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that's vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which...

9.8CVSS8.4AI score0.63076EPSS
Exploits2
Circl
Circl
added 2024/05/06 10:39 a.m.4 views

CVE-2023-49606

creationtimestamp| type| source ---|---|--- 2024-05-06 10:39:55+00:00| seen| https://t.me/HackingInsights/85 2024-05-06 13:34:11+00:00| published-proof-of-concept| https://t.me/HackingInsights/93 2024-05-06 16:50:19+00:00| seen| https://t.me/KomunitiSiber/1899 2024-05-06 17:01:06+00:00| seen|...

9.8CVSS6.2AI score0.63076EPSS
Exploits2References15
NVD
NVD
added 2024/05/01 4:15 p.m.18 views

CVE-2023-49606

A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make ...

9.8CVSS10AI score0.63076EPSS
Exploits2References4
OSV
OSV
added 2024/05/01 4:15 p.m.1 views

ALPINE-CVE-2023-49606

A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make ...

9.8CVSS8.4AI score0.63076EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/05/01 3:31 p.m.28 views

CVE-2023-49606

A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make ...

9.8CVSS8AI score0.63076EPSS
Exploits2References2
CVE
CVE
added 2024/05/01 3:31 p.m.178 views

CVE-2023-49606

CVE-2023-49606 is a use-after-free in Tinyproxy’s HTTP Connection Headers parsing (affecting 1.11.1 and 1.10.0). A specially crafted, unauthenticated HTTP request can trigger reuse of freed memory, causing memory corruption and potentially remote code execution. Public advisories confirm fixes in...

9.8CVSS9.7AI score0.63076EPSS
In wildExploits2References4Affected Software1
Rows per page
Query Builder