Lucene search
K

9794 matches found

CNNVD
CNNVD
added 2021/02/08 12:0 a.m.4 views

Privoxy Security Vulnerability

Privoxy is a proxy server from the Privoxy team in the USA that does not cache web pages and comes with its own filtering features. It has advanced filtering features to enhance privacy, modify web data and HTTP headers, control access and remove advertisements and other annoying Internet...

7.5CVSS7AI score0.01897EPSS
Exploits0References9
Fedora
Fedora
added 2021/02/06 1:18 a.m.103 views

[SECURITY] Fedora 33 Update: php-7.4.15-1.fc33

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

7.5CVSS2.2AI score0.03152EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/02/06 12:0 a.m.29 views

Fedora: Security Advisory for php (FEDORA-2021-6edfd606d3)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.03152EPSS
Exploits0References2
OSV
OSV
added 2021/02/05 12:0 a.m.2 views

UBUNTU-CVE-2021-20217

A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability...

7.5CVSS7AI score0.01371EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2021/02/05 12:0 a.m.20 views

CVE-2021-20217

A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability...

7.8CVSS7AI score0.01371EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/02/05 12:0 a.m.21 views

CVE-2021-20214

A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the client-tags CGI handler when client tags are configured and memory allocations fail can lead to a system crash...

7.8CVSS7AI score0.02024EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2021/02/05 12:0 a.m.337 views

LiteSpeed Web Server Enterprise 5.4.11 Command Injection

Exploit Title: LiteSpeed Web Server Enterprise 5.4.11 - Command Injection Authenticated Date: 05/20/2021 Exploit Author: cmOs - SunCSR Vendor Homepage: https://www.litespeedtech.com/ Software Link: https://www.litespeedtech.com/products Version: 5.4.11 Ubuntu/Kali Linux Step 1: Log in to the...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/05 12:0 a.m.372 views

LiteSpeed Web Server Enterprise 5.4.11 - Command Injection (Authenticated)

Exploit Title: LiteSpeed Web Server Enterprise 5.4.11 - Command Injection Authenticated Date: 05/20/2021 Exploit Author: cmOs - SunCSR Vendor Homepage: https://www.litespeedtech.com/ Software Link: https://www.litespeedtech.com/products Version: 5.4.11 Ubuntu/Kali Linux Step 1: Log in to the...

7.4AI score
Exploits0
OSV
OSV
added 2021/02/05 12:0 a.m.2 views

UBUNTU-CVE-2021-20214

A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the client-tags CGI handler when client tags are configured and memory allocations fail can lead to a system crash...

7.5CVSS7AI score0.02024EPSS
Exploits0References5
Veracode
Veracode
added 2021/02/03 4:29 p.m.16 views

Buffer Overflow

privoxy is vulnerable to buffer overflow. The vulnerability exists in the show-status CGI handler when no action files are configured...

7.5CVSS2.8AI score0.01897EPSS
Exploits0References6Affected Software1
Veracode
Veracode
added 2021/02/03 4:29 p.m.20 views

Memory Leak

bullseye is vulnerable to a memory leak in the show-status CGI handler when no filter files are configured...

7.5CVSS1.4AI score0.02355EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2021/02/03 4:29 p.m.26 views

Memory Leak

bullseye is vulnerable to memory leaks in the client-tags CGI handler when client tags are configured and memory allocations fail...

7.5CVSS1.2AI score0.02024EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2021/02/03 4:29 p.m.16 views

Denial Of Service (DoS)

privoxy is vulnerable to denial of service. Memory leaks in the show-status CGI handler when memory allocations fail results in denial of service condition...

7.5CVSS2.1AI score0.02252EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2021/02/03 12:0 a.m.18 views

CVE-2021-20210

A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash...

7.8CVSS7AI score0.02355EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/02/03 12:0 a.m.27 views

CVE-2021-20209

A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured...

7.5CVSS7AI score0.01897EPSS
Exploits0References4
OSV
OSV
added 2021/02/01 2:15 p.m.4 views

CVE-2020-36109

ASUS RT-AX86U router firmware below version under 9.0.0.4386 has a buffer overflow in the blockingrequest.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data...

9.8CVSS7.9AI score0.04207EPSS
Exploits1References1
Prion
Prion
added 2021/02/01 2:15 a.m.14 views

Design/Logic Flaw

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Configuration Interface framework, allows the undocumented system account mofidev to login to the cgi-bin/luci/quick/wizard management interfac...

5CVSS9.3AI score0.01178EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.69 views

CentOS 8 : go-toolset:rhel8 (CESA-2020:5493)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5493 advisory. - golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS CVE-2020-24553 - golang: math/big: panic during recursive...

7.5CVSS7AI score0.03813EPSS
Exploits2References5
Exploit DB
Exploit DB
added 2021/01/29 12:0 a.m.344 views

SonicWall SSL-VPN 8.0.0.0 - 'visualdoor' Remote Code Execution (Unauthenticated)

Exploit Title: SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution Unauthenticated Exploit Author: Darren Martyn Vendor Homepage: https://www.home-assistant.io/ Version: SMA 8.0.0.4 Blog post: https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/27 12:0 a.m.230 views

Openlitespeed Web Server 1.7.8 Command Injection

Exploit Title: Openlitespeed WebServer 1.7.8 - Command Injection Authenticated Date: 26/1/2021 Exploit Author: cmOs - SunCSR Vendor Homepage: https://openlitespeed.org/ Software Link: https://openlitespeed.org/kb/install-from-binary/ Version: 1.7.8 Tested on Windows 10 Step 1: Log in to the...

7.4AI score
Exploits0
Rows per page
Query Builder