Lucene search
K

675 matches found

RedHat Linux
RedHat Linux
•added 2016/10/20 12:47 p.m.•4 views

OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)

A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication...

5.9CVSS7.2AI score0.03937EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2016/10/19 2:58 p.m.•4 views

OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)

A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication...

5.9CVSS7.2AI score0.03937EPSS
Exploits0References5
ThreatPost
ThreatPost
•added 2016/08/01 9:0 a.m.•20 views

New HTTPS URL Leakage Attack Leaves PCs, Macs, Linux Systems Vulnerable

LAS VEGAS — Researchers have found flaws in the Web Proxy AutoDiscovery protocol tied to DHCP and DNS servers that allow hackers spy on HTTPS-protected URLs and launch a myriad of different malicious attacks against Linux, Windows or Mac computers. According to the security firm SafeBreach, this...

0.4AI score
Exploits0References3
OSV
OSV
•added 2016/07/18 2:0 p.m.•2 views

UBUNTU-CVE-2016-5388

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an...

8.1CVSS7.4AI score0.50896EPSS
Exploits0References6
Gentoo Linux
Gentoo Linux
•added 2016/07/09 12:0 a.m.•48 views

Squid: Multiple vulnerabilities

Background Squid is a full-featured Web proxy cache designed to run on Unix systems. It supports proxying and caching of HTTP, FTP, and other URLs, as well as SSL support, cache hierarchies, transparent caching, access control lists and many other features. Description Multiple vulnerabilities ha...

8.8CVSS8.6AI score0.79651EPSS
Exploits1
BDU FSTEC
BDU FSTEC
•added 2016/07/04 12:0 a.m.•6 views

Vulnerability of the Windows operating system and the Internet Explorer browser, allowing attackers to increase their privileges

The vulnerability of the Web Proxy Auto Discovery protocol for the Windows operating system and the Internet Explorer browser is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely by using the NetBIOS name...

9.3CVSS7.6AI score0.70288EPSS
Exploits2References5Affected Software1
BDU FSTEC
BDU FSTEC
•added 2016/07/04 12:0 a.m.•7 views

The vulnerability of the Windows operating system, which allows a hacker to redirect network traffic

The vulnerability of the Web Proxy Auto Discovery protocol in the Windows operating system is related to incorrect data processing. Exploiting this vulnerability allows a malicious actor to redirect network traffic remotely...

10CVSS7.7AI score0.77658EPSS
Exploits2References3
Microsoft KB
Microsoft KB
•added 2016/06/16 7:0 a.m.•61 views

Cumulative Update for Windows 10 version 1511 and Windows Server 2016 Technical Preview 4: June 14, 2016

Cumulative Update for Windows 10 version 1511 and Windows Server 2016 Technical Preview 4: June 14, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4, and resolves the following...

10CVSS7.1AI score0.77658EPSS
Exploits23
Microsoft KB
Microsoft KB
•added 2016/06/16 7:0 a.m.•61 views

Cumulative update for Windows 10: June 14, 2016

Cumulative update for Windows 10: June 14, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10. It also resolves the following vulnerabilities in Windows: 3163649 MS16-063: Cumulative security update for Internet Explorer: June 14, 2016 3163656...

10CVSS6.5AI score0.77658EPSS
Exploits22
OSV
OSV
•added 2016/06/16 1:59 a.m.•4 views

CVE-2016-3236

The Web Proxy Auto Discovery WPAD protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles proxy discovery, which allows remote attackers to...

9.8CVSS5.8AI score0.77658EPSS
Exploits2References2
OSV
OSV
•added 2016/06/16 1:59 a.m.•2 views

CVE-2016-3213

The Web Proxy Auto Discovery WPAD protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 9 through 11 has an improper fallback mechanis...

8.8CVSS5.8AI score0.70288EPSS
Exploits2References4
Prion
Prion
•added 2016/06/16 1:59 a.m.•20 views

Privilege escalation

The Web Proxy Auto Discovery WPAD protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles proxy discovery, which allows remote attackers to...

10CVSS7.2AI score0.77658EPSS
Exploits2References2Affected Software3
CNVD
CNVD
•added 2016/06/16 12:0 a.m.•4 views

Elevation of Privilege Vulnerability Found in Microsoft Windows WPAD Agent

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows that stems from a program's inability to properly handle certain proxy discovery scenarios using the Web Proxy Autodiscovery WPAD...

10CVSS7.1AI score0.77658EPSS
Exploits2References1
CNVD
CNVD
•added 2016/06/15 12:0 a.m.•3 views

Microsoft Windows WPAD Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the Web Proxy Autodiscovery WPAD protocol for Microsoft Windows. An attacker could exploit this vulnerability to bypass security checks and obtain...

9.3CVSS7AI score0.70288EPSS
Exploits2References1
Positive Technologies
Positive Technologies
•added 2016/06/14 12:0 a.m.•3 views

PT-2016-2168

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version Description The issue is related to the Web Proxy Auto Discovery WPAD protocol implementation, which mishandles proxy discovery. This allows remote attackers to redirect network traffic via...

10CVSS6.5AI score0.77658EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
•added 2016/06/01 12:0 a.m.•8 views

Web Proxy Settings '.pac' File Download Detection

Binary data 9272.prm...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2016/04/21 12:0 a.m.•43 views

Oracle iPlanet Web Proxy Server 4.0.x < 4.0.27 NSS ASN.1 Decoder RCE (April 2016 CPU)

According to its self-reported version, the Oracle iPlanet Web Proxy Server formerly known as Sun Java System Web Proxy Server installed on the remote host is version 4.0.x prior to 4.0.27. It is, therefore, affected by a heap buffer overflow condition in the ASN.1 decoder in the Network Security...

9.8CVSS8.9AI score0.10238EPSS
Exploits0References3
n0where
n0where
•added 2016/04/07 3:38 p.m.•35 views

DIY Web Proxy: proxenet

proxenet is a multi-threaded proxy which allows you to manipulate your HTTP requests and responses using your favorite scripting language. No need to learn Java like for Burp or Python like for mitmproxy . proxenet supports heaps of languages and more can be added easily. proxenet is a C-based...

0.1AI score
Exploits0References1
CNVD
CNVD
•added 2016/03/26 12:0 a.m.•6 views

CA Single Sign-On Domino Web Proxy Denial of Service Vulnerability

CA Single Sign-On is a suite of software for secure access to Web applications via single sign-on from CA USA. A denial of service vulnerability exists in CA Single Sign-On's Domino Web proxy. A remote attacker could exploit this vulnerability by sending a specially crafted request to cause a...

9.1CVSS6.8AI score0.01504EPSS
Exploits0References1
OSV
OSV
•added 2016/03/20 12:0 a.m.•25 views

DSA-3522-1 squid3 - security update

Bulletin has no description...

7.5CVSS7.5AI score0.09363EPSS
Exploits0
Rows per page
Query Builder