22 matches found
EUVD-2009-2054
Malware in sbrugna...
EUVD-2009-2067
Malware in sbrugna...
EUVD-2009-2068
Malware in sbrugna...
EUVD-2024-43173
Malicious code in bioql PyPI...
ROS-20250619-06
Dante proxy server vulnerability is related to improper access restrictions in certain configurations of sockd.conf that include socksmethod. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions...
CVE-2025-0330 Exposure of Sensitive Information in berriai/litellm
In berriai/litellm version v1.52.1, an issue in proxy_server.py causes the leakage of Langfuse API keys when an error occurs while parsing team settings. This vulnerability exposes sensitive information, including langfuse_secret and langfuse_public_key, which can provide full access to the Langfuse...
The vulnerability of the proxy server of the Fortinet FortiManager device management software, as well as the FortiAnalyzer security event monitoring and analysis tools, allows a perpetrator to execute arbitrary code or commands.
The vulnerability of the proxy server of the Fortinet FortiManager device management software, as well as the FortiAnalyzer event monitoring and analysis tools, relates to operations going beyond the bounds of a buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or...
CVE-2024-48874
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud...
Ruijie Networks ReyeeOS Security Vulnerability
Ruijie Networks ReyeeOS is a router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks ReyeeOS version 2.206.x up to and including 2.320.x. An attacker can exploit this vulnerability to force Ruijie's proxy server to execute any request of the attacker's choosing...
CVE-2024-36038 Stored XSS
Zoho ManageEngine ITOM products versions from 128234 to 128248 are affected by the stored cross-site scripting vulnerability in the proxy server option...
BIT-PYTHON-2021-23336 Web Cache Poisoning
The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...
Squid Code Problem Vulnerability
Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A code issue vulnerability exists in versions prior to Squid 6.0.1 that stems from a NULL pointer dereference, which c...
The vulnerability of the proxy server of the Windows operating system's data streaming service allows attackers to escalate their privileges.
The vulnerability of the proxy server of the Windows operating system for data streaming services is related to the execution of operations outside the bounds of a buffer in memory. Exploiting this vulnerability can allow an attacker to escalate their privileges...
Privoxy Input Validation Error Vulnerability
Privoxy is a proxy server from the American Privoxy team that does not cache web pages and comes with filtering. It has advanced filtering features to enhance privacy, modify web data and HTTP headers, control access and remove ads and other annoying Internet junk. Privoxy has flexible...
The vulnerability of the SAP NetWeaver integration platform, related to the lack of measures taken to protect the structure of the web page, allows a hacker to intercept the session of administrators or users of web resources.
The vulnerability of the ProxyServer server of the SAP NetWeaver software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor, operating remotely, to intercept the session of administrators ...
H2Csmuggler - HTTP Request Smuggling Over HTTP/2 Cleartext (H2C)
h2cSmuggler smuggles HTTP traffic past insecure edge-server proxy_pass configurations by establishing HTTP/2 cleartext (h2c) communications with h2c-compatible back-end servers, allowing a bypass of proxy rules and access controls. See my detailed write-up below for: Technical breakdown of the...
The vulnerability of the Cisco AsyncOS operating system proxy server of Cisco Web Security Appliance allows a perpetrator to trigger a service failure.
The vulnerability of the Cisco AsyncOS operating system’s proxy server for Cisco Web Security Appliance products exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending corrupted HTTP or HTTPS requests t...
The vulnerability of the WebSphere Application Server software allows a malicious intruder to compromise the confidentiality of protected information.
The vulnerability in Proxy and ODR servers of IBM WebSphere Application Server allows a malicious actor in the network to access confidential information. This vulnerability is related to the improper processing of requests...
Microsoft ISA and Proxy Server Web Site Spoofing Vulnerability
Microsoft ISA and Proxy Server are reportedly prone to a Web site spoofing vulnerability. Successful exploitation of this issue could allow a remote attacker to spoof a trusted Web site. If a connection were made to the spoofed Web site using SSL, the malicious site would not be able ...