Lucene search
K

675 matches found

Cvelist
Cvelist
added 2021/10/11 4:37 p.m.16 views

CVE-2021-27002

NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...

7.7AI score0.01347EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/11 12:0 a.m.3 views

Netapp NetApp Cloud Manager 授权问题漏洞

Netapp NetApp Cloud Manager is an application from Netapp, Inc. which provides centralized orchestration of hybrid cloud storage and data management services. An authorization issue vulnerability exists in NetApp Cloud Manager, which arises from the product not validating the identity of a user...

7.5CVSS7.4AI score0.01347EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2021/10/05 2:5 p.m.105 views

USN-5104-1: Squid vulnerability

Lyu discovered that Squid incorrectly handled WCCP protocol data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information...

5.3CVSS5.9AI score0.13005EPSS
Exploits0
CNNVD
CNNVD
added 2021/09/27 12:0 a.m.3 views

ZOOM on-premise Meeting Connector 输入验证错误漏洞

ZOOM on-premise Meeting Connector is a meeting connector from Zoom ZOOM USA. A security vulnerability exists in the Zoom on-premise Meeting Connector Controller that stems from the load balancer's inability to validate input sent in a request to update the web proxy configuration. An attacker cou...

7.2CVSS7.3AI score0.01516EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2021/09/03 12:0 a.m.170 views

OpenSIS 8.0 Directory Traversal

Exploit Title: OpenSIS 8.0 'modname' - Directory/Path Traversal Date: 09-02-2021 Exploit Author: Eric Salario Vendor Homepage: http://www.os4ed.com/ Software Link: https://opensis.com/download Version: 8.0 Tested on: Windows, Linux The 'modname' parameter in the 'Modules.php' is vulnerable to loc...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/09/02 12:0 a.m.143 views

OpenSIS Community 8.0 SQL Injection

Exploit Title: OpenSIS Community 8.0 - 'cpidmissattn' SQL Injection Date: 09/01/2021 Exploit Author: Eric Salario Vendor Homepage: http://www.os4ed.com/ Software Link: https://opensis.com/download Version: 8.0 Tested on: Windows, Linux A SQL injection vulnerability exists in the Take Attendance...

Exploits0
Citrix
Citrix
added 2021/07/29 12:0 a.m.6 views

FAQ: Citrix Secure Web and Proxy Support

This article answers the frequently asked questions on Secure Web and Web proxy support. For more information about Secure Web and proxy support, refer to Citrix Documentation - Citrix Secure Web. The support for PAC file inMDX application is removed as of September 2021. This means Citrix has...

6.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.3 views

The vulnerability of the index.php component in the PHP Proxy web proxy script allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the index.php component in the PHP Proxy web proxy script is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

6.4CVSS6AI score0.00937EPSS
Exploits1References4Affected Software1
RedHat Linux
RedHat Linux
added 2021/06/17 11:35 a.m.3 views

curl: TLS 1.3 session ticket mix-up with HTTPS proxy host

A flaw was found in the way libcurl handled TLS 1.3 session tickets. A malicious HTTPS proxy could possibly use this flaw to make libcurl resume a TLS session it previously had with the proxy while intending to resume a TLS session with a target server, making it possible for the proxy to perform...

4.3CVSS7.2AI score0.03141EPSS
Exploits1References5
OSV
OSV
added 2021/05/27 12:15 p.m.2 views

ALPINE-CVE-2021-28662

An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic...

6.5CVSS7AI score0.71867EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/10 12:0 a.m.3 views

Kubernetes SIGs kube-proxy 安全漏洞

Kubernetes SIGs kube-proxy is an open source application for Kubernetes SIGs. A web proxy. A security vulnerability exists in Kubernetes SIGs kube-proxy, which stems from the possibility that packets sent by the program may be incorrectly routed and arrive elsewhere...

6.3CVSS7AI score0.00908EPSS
Exploits0References8
OSV
OSV
added 2021/04/01 6:15 p.m.2 views

ALPINE-CVE-2021-22890

curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived...

3.7CVSS6.9AI score0.03141EPSS
Exploits1References1
OSV
OSV
added 2021/04/01 6:15 p.m.2 views

DEBIAN-CVE-2021-22890

curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived...

3.7CVSS6.7AI score0.03141EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/04/01 12:0 a.m.4 views

The vulnerability of the fw.login.php component of the Artica Web Proxy management system allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the fw.login.php component of the Artica Web Proxy server management system is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with root privileges...

10CVSS8.4AI score0.93967EPSS
Exploits7References4Affected Software1
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.9 views

Fedora: Security Advisory for privoxy (FEDORA-2021-250d2ca9e6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2021/03/10 12:42 a.m.32 views

[SECURITY] Fedora 33 Update: privoxy-3.0.32-1.fc33

Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit...

2.3AI score
Exploits0
Fedora
Fedora
added 2021/03/10 12:26 a.m.38 views

[SECURITY] Fedora 32 Update: privoxy-3.0.32-1.fc32

Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit...

2.3AI score
Exploits0
CNVD
CNVD
added 2021/03/10 12:0 a.m.6 views

Privoxy Assertion Failure Vulnerability

privoxy is a web proxy with advanced filtering features. An assertion failure vulnerability exists in versions prior to privoxy 3.0.32. An attacker can exploit this vulnerability to crash the server via a specially crafted CGI request...

7.5CVSS6.4AI score0.02108EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/03/10 12:0 a.m.26 views

Debian: Security Advisory (DLA-2587-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.02108EPSS
Exploits0References4
Debian
Debian
added 2021/03/09 5:51 p.m.21 views

[SECURITY] [DLA 2587-1] privoxy security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2587-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA March 09, 2021 https://wiki.debian.org/LTS -...

7.5CVSS7.8AI score0.02108EPSS
Exploits0
Rows per page
Query Builder