CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

EUVD-2021-7707

Malicious code in bioql PyPI...

EUVD-2021-7706

Malicious code in bioql PyPI...

SUSE CVE-2021-20217

A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability...

Exploit for Improper Access Control in Webmin

CVE-2022-0824 !Dockerhttps://github.com/cryst4lliz3/CVE-2...

DEBIAN-CVE-2021-20217

A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability...

Denial of service

A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability...

CVE-2021-20273

A flaw was found in privoxy before 3.0.32. A crash can occur via a crafted CGI request if Privoxy is toggled off...

Design/Logic Flaw

A flaw was found in privoxy before 3.0.32. A crash can occur via a crafted CGI request if Privoxy is toggled off...

UBUNTU-CVE-2021-20272

A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash...

Privoxy 安全漏洞

privoxy is a web proxy with advanced filtering features. An assertion failure vulnerability exists in versions prior to privoxy 3.0.32. An attacker can exploit this vulnerability to crash the server via a specially crafted CGI request...

PT-2021-13864 · Privoxy +4 · Privoxy +4

Name of the Vulnerable Software and Affected Versions: privoxy versions prior to 3.0.32 Description: A flaw was found in the software, allowing an assertion failure to be triggered with a crafted CGI request, leading to a server crash. This issue can be exploited by attackers to cause a denial of...

CVE-2019-9624

Webmin 1.900 allows remote attackers to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI...

Design/Logic Flaw

Webmin 1.900 allows remote attackers to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI...

CVE-2019-9624

Webmin 1.900 allows remote attackers to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI...

The vulnerability of the built-in web server of Schneider Electric’s Modicon Premium, Modicon Quantum PLC, Modicon M340, and Modicon BMXNOR0200 allows a perpetrator to bypass the authentication mechanism.

The vulnerability of Schneider Electric’s built-in web server controls—Modicon Premium, Modicon Quantum PLC, Modicon M340, and Modicon BMXNOR0200—is caused by errors in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to bypass the authentication process using...

CVE-2015-0859

The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes arguments to smokepingcgi, which allows remote attackers to execute arbitrary code via crafted CGI arguments...