107 matches found
CVE-2026-9887
Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. Chromium security severity: Critical...
EUVD-2025-34326
Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally...
CVE-2025-55695
Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally...
CVE-2025-55695
Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally...
EUVD-2005-3089
Malware in sbrugna...
EUVD-2016-7626
Malware in sbrugna...
EUVD-2017-14488
Malware in sbrugna...
EUVD-2016-6085
Malware in sbrugna...
EUVD-2019-11689
Malware in sbrugna...
CVE-2025-59817
CVE-2025-59817 is an authenticated remote code execution affecting Zenitel ICX500/ICX510 gateways (zForm_auto_config). The vulnerability allows an authenticated attacker to execute arbitrary commands on the device; the web portal runs with root privileges, enabling full control and impacting avai...
Linux Distros Unpatched Vulnerability : CVE-2016-6723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 befor...
Linux Distros Unpatched Vulnerability : CVE-2018-17191
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache NetBeans incubating 9.0 NetBeans Proxy Auto-Configuration PAC interpretation is vulnerable for remote command execution RCE. Using the nashorn script...
Linux Distros Unpatched Vulnerability : CVE-2018-18506
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration PAC file or if a PAC file is loaded locally, this PAC file can specify...
UBUNTU-CVE-2022-49379
In the Linux kernel, the following vulnerability has been resolved: driver core: Fix waitfordeviceprobe & deferredprobetimeout interaction Mounting NFS rootfs was timing out when deferredprobetimeout was non-zero 1. This was because ipautoconfig initcall times out waiting for the network interfac...
The vulnerability of the WLAN AutoConfig service for Windows operating systems allows attackers to disclose sensitive information.
The vulnerability of the WLAN AutoConfig service for Windows operating systems lies in the reading of data beyond the permitted range in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by security measures...
libproxy: sending more than 102400 bytes in PAC without a Content-Length present could result in buffer overflow
A vulnerability was found in libproxy, where a buffer overflow can occur if a server serving a PAC file sends more than 102400 bytes without a Content-Length header, this flaw allows an attacker to trigger an overflow of PACHTTPBLOCKSIZE 512 bytes, potentially leading to application crashes or...
GO-2024-2683 Improper handling of node names in JWT claims assertions in github.com/hashicorp/consul
HashiCorp Consul does not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC...
BIT-CONSUL-2021-41803
HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2."...
SUSE CVE-2005-3089
Firefox 1.0.6 allows attackers to cause a denial of service crash via a Proxy Auto-Config PAC script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...
SUSE CVE-2006-3808
Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig PAC servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object...