Lucene search
K

675 matches found

Fortinet
Fortinet
added 2019/07/24 12:0 a.m.20 views

Protect

FortiOS Explicit Web Proxy by default allows non-standard HTTP traffic.Â...

6.9AI score
Exploits0Affected Software1
CNVD
CNVD
added 2019/07/05 12:0 a.m.2 views

Cisco Web Security Appliance AsyncOS Software Input Validation Error Vulnerability

The Cisco Web Security Appliance WSA is a web security appliance from Cisco. The appliance provides SaaS-based access control, real-time web reporting and tracking, and security policy formulation.AsyncOS Software is the operating system used in it. An input validation error vulnerability exists ...

7.7CVSS6.8AI score0.01513EPSS
Exploits0References1
OSV
OSV
added 2019/07/04 8:15 p.m.5 views

CVE-2019-1884

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input validation mechanisms for...

6.5CVSS6.9AI score0.01513EPSS
Exploits0References1
Prion
Prion
added 2019/07/04 8:15 p.m.22 views

Input validation

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input validation mechanisms for...

4CVSS6.5AI score0.01513EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2019/07/04 7:50 p.m.9 views

CVE-2019-1884 Cisco Web Security Appliance Web Proxy Denial of Service Vulnerability

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input validation mechanisms for...

7.7CVSS7.1AI score0.01513EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/20 12:0 a.m.3 views

Cisco Wide Area Application Services (WAAS) HTTPS Proxy Authentication Bypass Vulnerability

Cisco Wide Area Application Services WAAS is a comprehensive WAN optimization solution that improves the performance of applications running in WAN environments, delivers video to branch offices and locally hosts branch office IT services. An authentication bypass vulnerability exists in the HTTP...

5.3CVSS7AI score0.01774EPSS
Exploits0References1
OSV
OSV
added 2019/05/03 5:29 p.m.3 views

CVE-2019-1817

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. A...

7.5CVSS7.2AI score0.01772EPSS
Exploits0References1
Cisco
Cisco
added 2019/05/01 4:0 p.m.37 views

Cisco Web Security Appliance Malformed Request Denial of Service Vulnerability

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. A...

8.6CVSS1.6AI score0.01772EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/03/12 12:0 a.m.3 views

The vulnerability in the Google Chrome web browser, related to incorrect input validation, allows a hacker to redirect resources to the local host.

The vulnerability in the Google Chrome web browser is related to the absence of a special localhost registration in the WPAD files. Exploiting this vulnerability allows an attacker to redirect resources to localhost using a specially created WPAD file...

5.7CVSS6.8AI score0.00443EPSS
Exploits0References4Affected Software2
Packet Storm
Packet Storm
added 2019/01/15 12:0 a.m.161 views

Webmin 1.890 Cross Site Scripting

Vulnerability type: Reflected Cross Site Scripting Vendor: http://www.webmin.com/index.html Product: Webmin Affected version: 1.890 Credit: Foo Jong Meng CVE ID: CVE- 2018-19191 DESCRIPTION: After logging into the webmin interface, attack can be launched by injecting the XSS payload at the affect...

5.6AI score0.3965EPSS
Exploits2
OSV
OSV
added 2018/12/11 4:29 p.m.1 views

UBUNTU-CVE-2018-18358

Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file...

5.7CVSS7.3AI score0.00443EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.5 views

chromium-browser: Insufficient policy enforcement in Proxy

Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file...

5.7CVSS7.4AI score0.00443EPSS
Exploits0References5
CNVD
CNVD
added 2018/12/06 12:0 a.m.2 views

Google Chrome Proxy Unauthorized Access Vulnerability

Google Chrome is a web browser developed by Google, Inc. and Proxy is one of the proxy components. A security vulnerability exists in Proxy in Google Chrome versions prior to 71.0.3578.80, which stems from insufficient policy enforcement. The vulnerability can be exploited to gain unauthorized...

5.7CVSS6.9AI score0.00443EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/12/05 12:0 a.m.39 views

Fortinet FortiGate 5.2.x >= 5.2.12 / 5.4.6 - 5.4.7 / 5.6.1 - 5.6.3 Information Disclosure (FG-IR-18-325)

The remote host is running FortiOS 5.12.x greater than or equal to 5.2.12, 5.4.6, 5.4.7, 5.6.1 up to 5.6.3. It is, therefore, affected by an error related to the web proxy disclaimer web pages that allows disclosure of uninitialized memory buffers. C Tenable Network Security, Inc...

7.5CVSS7.4AI score0.02119EPSS
Exploits1References2
OSV
OSV
added 2018/12/01 12:29 a.m.2 views

CVE-2018-19784

The strrotpass function in vendor/atholn1600/php-proxy/src/helpers.php in PHP-Proxy 5.1.0 uses weak cryptography, which makes it easier for attackers to calculate the authorization data needed for local file inclusion...

7.5CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2018/11/27 3:29 p.m.4 views

CVE-2018-13376

An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response...

7.5CVSS6AI score0.02119EPSS
Exploits1References3
Prion
Prion
added 2018/11/27 3:29 p.m.12 views

Buffer overflow

An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response...

5CVSS7.5AI score0.02119EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2018/11/27 3:0 p.m.51 views

CVE-2018-13376

CVE-2018-13376 affects Fortinet FortiOS web proxy disclaimer pages, leaking uninitialized memory buffers and potentially exposing sensitive data in HTTP responses. Affected are FortiOS 5.2.x (all 5.2.12+), 5.4.6–5.4.7, and 5.6.1–5.6.3. Root cause: uninitialized memory buffer in the web proxy disc...

7.5CVSS7.5AI score0.02119EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2018/11/27 3:0 p.m.13 views

CVE-2018-13376

An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response...

7.1AI score0.02119EPSS
Exploits1References3
Cvelist
Cvelist
added 2018/11/27 3:0 p.m.23 views

CVE-2018-13376

An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response...

7.5AI score0.02119EPSS
Exploits1References3
Rows per page
Query Builder