
26 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2011-4579

Malware in sbrugna...

CVSS 7.5 · AI score 7.5 · EPSS 0.00389
Exploits 0 · References 2

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2011-1500

Malware in sbrugna...

CVSS 2.6 · AI score 6.1 · EPSS 0.00781
Exploits 1 · References 11

RedhatCVE
added 2025/08/02 8:22 p.m. · 1 views

CVE-2025-54581

vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from and flows into parse_ttl_extension where it is parsed as a TTL value. If an attacker supplies a TTL of zero...

CVSS 7.5 · AI score 6.1 · EPSS 0.00378
Exploits 0 · References 1

Cvelist
added 2025/07/30 7:57 p.m. · 6 views

CVE-2025-54581 vproxy is vulnerable to a divide by zero DoS attack

vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from and flows into parse_ttl_extension where it is parsed as a TTL value. If an attacker supplies a TTL of zero...

CVSS 7.5 · EPSS 0.00378
Exploits 0 · References 3

Positive Technologies
added 2025/07/30 12:0 a.m. · 4 views

PT-2025-31441 · Vproxy · Vproxy

Name of the Vulnerable Software and Affected Versions: vproxy versions 2.3.3 and below
Description: vproxy is an HTTP/HTTPS/SOCKS5 proxy server. Untrusted data from the user-controlled HTTP Proxy-Authorization header is passed to Extension::try_from and then to parse_ttl_extension where it is...

CVSS 7.5 · AI score 6.3 · EPSS 0.00378
Exploits 0 · References 10

RedhatCVE
added 2025/05/22 4:28 a.m. · 5 views

CVE-2011-4661

A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authentication NTLM configured...

CVSS 7.5 · AI score 6.8 · EPSS 0.00389
Exploits 0 · References 1

Vulnrichment
added 2024/10/02 4:55 p.m. · 9 views

CVE-2024-20490 Cisco Nexus Dashboard Fabric Controller and Nexus Dashboard Orchestrator Information Disclosure Vulnerability

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...

CVSS 6.3 · AI score 6.3 · EPSS 0.00339
Exploits 0 · References 1

ThreatPost
added 2020/07/22 4:43 p.m. · 272 views

Lazarus Group Surfaces with Advanced Malware Framework

The North Korea-linked APT known as Lazarus Group has debuted an advanced, multipurpose malware framework, called MATA, to target Windows, Linux and macOS operating systems. Kaspersky researchers uncovered a series of attacks utilizing MATA so-called because the malware authors themselves call...

CVSS 10 · AI score 9.4 · EPSS 0.94471
Exploits 20 · References 12

Prion
added 2020/02/12 5:15 p.m. · 11 views

Memory corruption

A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authentication NTLM configured...

CVSS 4.3 · AI score 6.9 · EPSS 0.00389
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2020/02/12 4:43 p.m. · 16 views

CVE-2011-4661

A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authentication NTLM configured...

AI score 7.4 · EPSS 0.00389
Exploits 0 · References 1

CVE
added 2020/02/12 4:43 p.m. · 54 views

CVE-2011-4661

CVE-2011-4661 affects Cisco IOS before 15.2(1)T, caused by a memory leak in the HTTP PROXY Server (CSCtu52820) when ISR Web Security with ScanSafe and NTLM authentication is configured. Documented impact includes partial availability loss with attack surface over the network. No explicit exploit ...

CVSS 7.5 · AI score 7.3 · EPSS 0.00389
Exploits 0 · References 1 · Affected Software 1

Prion
added 2011/04/29 10:55 p.m. · 15 views

Design/Logic Flaw

acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server...

CVSS 2.6 · AI score 7 · EPSS 0.00781
Exploits 1 · References 9 · Affected Software 2

Cvelist
added 2011/04/29 10:0 p.m. · 21 views

CVE-2011-1499

acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server...

AI score 6.2 · EPSS 0.00781
Exploits 1 · References 9

OpenVAS
added 2008/01/17 12:0 a.m. · 13 views

Debian: Security Advisory (DSA-726-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 · AI score 6.7 · EPSS 0.01029
Exploits 1 · References 3

Tenable Nessus
added 2007/10/18 12:0 a.m. · 40 views

openSUSE 10 Security Update : java-1_6_0-sun (java-1_6_0-sun-4525)

The Sun JAVA JDK 1.6.0 was upgraded to release 3 to fix various bugs, including the following security bugs : http://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1 CVE-2007-5232: Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and...

CVSS 7.1 · AI score 5.5 · EPSS 0.09031
Exploits 0 · References 9

Tenable Nessus
added 2007/10/18 12:0 a.m. · 44 views

openSUSE 10 Security Update : java-1_4_2-sun (java-1_4_2-sun-4536)

The Sun JAVA JDK 1.4.2 was upgraded to release 16 to fix various bugs, including the following security bugs : http://sunsolve.sun.com/search/document.do?assetkey=1-26-103 079-1 CVE-2007-5232: Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and...

CVSS 7.1 · AI score 5.5 · EPSS 0.09031
Exploits 0 · References 9

NVD
added 2007/10/08 11:17 p.m. · 22 views

CVE-2007-5273

Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound...

CVSS 2.6 · AI score 6.2 · EPSS 0.07177
Exploits 0 · References 37

UbuntuCve
added 2007/10/08 11:17 p.m. · 29 views

CVE-2007-5273

Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound...

CVSS 2.6 · AI score 5.9 · EPSS 0.07177
Exploits 0 · References 1

securityvulns
added 2007/02/07 12:0 a.m. · 39 views

[Full-disclosure] Medium level security hole in FreeProxy

The FreeProxy HTTP proxy server suffers from a denial of service condition which causes the server to hang. This occurs when an attacker makes a request for the hostname/portnumber combination in use by the server itself. The vendor was notified on the 10th January 2007 and a fix was made availab...

AI score 1.2
Exploits 0

NVD
added 2006/09/27 11:7 p.m. · 9 views

CVE-2006-5037

MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sqcontentsrc parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor...

CVSS 6.8 · AI score 5.8 · EPSS 0.01617
Exploits 0 · References 4