676 matches found
CVE-2025-0130
A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...
CVE-2025-0130 PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy Feature via a Burst of Maliciously Crafted Packets
A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...
CVE-2025-0130
PAN-OS CVE-2025-0130 describes a denial-of-service: a missing exception check in the web-proxy feature allows an unauthenticated attacker to send malicious packets that crash the firewall and cause it to reboot, with repeated attempts leading to maintenance mode. Affected product is Palo Alto Networks PAN-OS...
PT-2025-21199
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS affected versions not specified Description: A missing exception check in the software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets, causing the...
Palo Alto Networks PAN-OS 11.1.x < 11.1.6-h1 / 11.1.x < 11.1.7-h2 / 11.2.x < 11.2.5 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 11.1.x prior to 11.1.6-h1 / 11.1.7-h2 or 11.2.x prior to 11.2.5. It is, therefore, affected by a vulnerability. A missing exception check in Palo Alto Networks PAN-OS software with the web proxy feature enabled allows an...
The vulnerability of the HTTP-Proxy software for network firewalls, the UserGate Next-Generation Firewall (NGFW), allows a hacker to read arbitrary files.
The vulnerability of the HTTP-Proxy software of the UserGate Next-Generation Firewall exists due to the lack of measures to check input data. Exploiting this vulnerability allows a remote attacker to read arbitrary files...
CVE-2022-24848
DHIS2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability affects the /api/programs/orgUnits?programs= API endpoint in DHIS2 versions prior to 2.36.10.1 and 2.37.6.1. The system is vulnerable to attack only from...
PT-2024-17759 · Satellite · Satellite
Name of the Vulnerable Software and Affected Versions: Satellite affected versions not specified Description: A server-side request forgery issue exists. When a PUT HTTP request is made to "/http proxies/test connection", and the http proxies variable is set to "localhost", an attacker can fetch...
Fortinet Fortigate Information disclosure in web proxy error pages (FG-IR-21-231)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-231 advisory. - A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through...
CVE-2024-20490
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...
Cisco Nexus Dashboard Security Vulnerability
Cisco Nexus Dashboard is a single console from Cisco, Inc. It can simplify the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard that stems from the possibility that HTTP proxy credentials could be recorded in internal logs stored in...
Falsification and eavesdropping of contents across multiple websites via Web Rehosting services
Overview: Researchers at NTT Secure Platform Laboratories and Waseda University have identified multiple security issues in services called Web Rehosting that lead to content being tampered with and eavesdropped on. These issues have been published in NDSS 2020. "Web Rehosting" is the name of a grou...
PT-2024-7968 · Eclipse · Eclipse Dataspace Components
Name of the Vulnerable Software and Affected Versions: Eclipse Dataspace Components versions 0.5.0 through 0.9.0 Description: The issue is related to the ConsumerPullTransferTokenValidationApiController component, which has inadequate authentication procedures. This allows a remote attacker to...
CVE-2023-6452
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Web Security Transaction Viewer allows Stored XSS. The Forcepoint Web Security portal allows administrators to generate detailed reports on user requests made through the Web proxy. It h...
USN-6907-1: Squid vulnerability
Joshua Rogers discovered that Squid did not properly handle multi-byte characters during Edge Side Includes (ESI) processing. A remote attacker could possibly use this issue to cause a memory corruption error, leading to a denial of service...
[SECURITY] Fedora 39 Update: squid-6.10-1.fc39
Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...