1149 matches found
Apache Traffic Server Input Validation Error Vulnerability (CNVD-2024-35169)
Apache Traffic Server ATS is the United States Apache Apache Foundation's set of scalable HTTP proxy and caching server. Apache Traffic Server suffers from an input validation error vulnerability that stems from accepting characters that are not allowed by the HTTP field name and forwarding a...
CVE-2024-41812
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Prior to version 1.7.0, a Server-Side Request Forgery SSRF vulnerability in the /get route of txtdot allows remote attackers to use the server as a proxy to send HTTP GET requests to...
CVE-2024-41813
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery SSRF vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy ...
CVE-2024-41813 txtdot SSRF vulnerability in /proxy
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery SSRF vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy ...
CVE-2024-41813 txtdot SSRF vulnerability in /proxy
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery SSRF vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy ...
CVE-2024-41813
CVE-2024-41813 (txtdot SSRF) : The impact is a Server-Side Request Forgery in the /proxy route of txtdot, where versions 1.4.0 through 1.6.0 allow an attacker to use the server as a proxy to issue HTTP GET requests to arbitrary targets, potentially exposing internal network information. The issue...
CVE-2024-41813 txtdot SSRF vulnerability in /proxy
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery SSRF vulnerability in the /proxy route of txtdot allows remote attackers to use the server as a proxy ...
CVE-2024-41812 txtdot SSRF vulnerability in /get
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Prior to version 1.7.0, a Server-Side Request Forgery SSRF vulnerability in the /get route of txtdot allows remote attackers to use the server as a proxy to send HTTP GET requests to...
CVE-2024-41812
TxtDot, an HTTP proxy, is affected by a Server-Side Request Forgery (SSRF) vulnerability in the /get route prior to version 1.7.0. An attacker can use the server as a proxy to send HTTP GET requests to arbitrary targets and access internal-network information. Version 1.7.0 mitigates by not displ...
CVE-2024-41812 txtdot SSRF vulnerability in /get
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Prior to version 1.7.0, a Server-Side Request Forgery SSRF vulnerability in the /get route of txtdot allows remote attackers to use the server as a proxy to send HTTP GET requests to...
CVE-2024-41812 txtdot SSRF vulnerability in /get
txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Prior to version 1.7.0, a Server-Side Request Forgery SSRF vulnerability in the /get route of txtdot allows remote attackers to use the server as a proxy to send HTTP GET requests to...
Malicious code in aio-http-proxy-support (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-4754 Malicious code in aio-http-proxy-support (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in Be.Vlaanԁeren.Basіsregіsters.NisCоdeService.Proxy.HttpProxy (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in Bе.Vlaaոderen.Basisregisters.TicketingService.Proxy.HttpProxy (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in Bе.Vlaaոderen.Basisregіsters.TicketingServiсe.Proxy.HttpProxy (NuGet)
--- -= Per source details. Do not edit below this line.=-...
[SECURITY] [DSA 5705-1] tinyproxy security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5705-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 05, 2024 https://www.debian.org/security/faq -...
RHEL 8 : odo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - follow-redirects: Exposure of Sensitive Information via Authorization Header leak CVE-2022-0536 - golang:...
RHEL 6 : squid (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - squid: Heap overflow issue in URN processing CVE-2019-12526 - squid: Buffer overflow in reverse-proxy...
Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution
Cisco Talos Vulnerability Research team recently disclosed three zero-day vulnerabilities that are still unpatched as of Wednesday, May 8. Two vulnerabilities in this group -- one in the Tinyroxy HTTP proxy daemon and another in the stbvorbis.c file library -- could lead to arbitrary code...