Protect
FortiOS Explicit Web Proxy by default allows non-standard HTTP traffic...
Cisco Web Security Appliance AsyncOS Software Input Validation Error Vulnerability
The Cisco Web Security Appliance (WSA) is a web security appliance from Cisco. The appliance provides SaaS-based access control, real-time web reporting and tracking, and security policy formulation. AsyncOS Software is the operating system used in it. An input validation error vulnerability exists ...
CVE-2019-1884
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input validation mechanisms for...
Input validation
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input validation mechanisms for...
CVE-2019-1884 Cisco Web Security Appliance Web Proxy Denial of Service Vulnerability
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient input validation mechanisms for...
Cisco Wide Area Application Services (WAAS) HTTPS Proxy Authentication Bypass Vulnerability
Cisco Wide Area Application Services WAAS is a comprehensive WAN optimization solution that improves the performance of applications running in WAN environments, delivers video to branch offices and locally hosts branch office IT services. An authentication bypass vulnerability exists in the HTTP...
CVE-2019-1817
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. A...
Cisco Web Security Appliance Malformed Request Denial of Service Vulnerability
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. A...
The vulnerability in the Google Chrome web browser, related to incorrect input validation, allows a hacker to redirect resources to the local host.
The vulnerability in the Google Chrome web browser is related to the absence of a special localhost registration in the WPAD files. Exploiting this vulnerability allows an attacker to redirect resources to localhost using a specially created WPAD file...
Webmin 1.890 Cross Site Scripting
Vulnerability type: Reflected Cross Site Scripting Vendor: http://www.webmin.com/index.html Product: Webmin Affected version: 1.890 Credit: Foo Jong Meng CVE ID: CVE-2018-19191 DESCRIPTION: After logging into the webmin interface, attack can be launched by injecting the XSS payload at the affect...
UBUNTU-CVE-2018-18358
Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file...
chromium-browser: Insufficient policy enforcement in Proxy
Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file...
Google Chrome Proxy Unauthorized Access Vulnerability
Google Chrome is a web browser developed by Google, Inc. and Proxy is one of the proxy components. A security vulnerability exists in Proxy in Google Chrome versions prior to 71.0.3578.80, which stems from insufficient policy enforcement. The vulnerability can be exploited to gain unauthorized...
Fortinet FortiGate 5.2.x >= 5.2.12 / 5.4.6 - 5.4.7 / 5.6.1 - 5.6.3 Information Disclosure (FG-IR-18-325)
The remote host is running FortiOS 5.12.x greater than or equal to 5.2.12, 5.4.6, 5.4.7, 5.6.1 up to 5.6.3. It is, therefore, affected by an error related to the web proxy disclaimer web pages that allows disclosure of uninitialized memory buffers.
CVE-2018-19784
The strrotpass function in vendor/atholn1600/php-proxy/src/helpers.php in PHP-Proxy 5.1.0 uses weak cryptography, which makes it easier for attackers to calculate the authorization data needed for local file inclusion...
CVE-2018-13376
An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response...
Buffer overflow
An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response...
CVE-2018-13376
CVE-2018-13376 affects Fortinet FortiOS web proxy disclaimer pages, leaking uninitialized memory buffers and potentially exposing sensitive data in HTTP responses. Affected are FortiOS 5.2.x (all 5.2.12+), 5.4.6–5.4.7, and 5.6.1–5.6.3. Root cause: uninitialized memory buffer in the web proxy disc...