CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

62 matches found

Packet Storm News•added 2026/05/12 12:0 a.m.•5 views

IPI-Proxy: An Intercepting Proxy for Red-Teaming Web-Browsing AI Agents against Indirect Prompt Injection

Web-browsing AI agents are increasingly deployed in enterprise settings under strict whitelists of approved domains, yet adversaries can still influence them by embedding hidden instructions in the HTML pages those domains serve. Existing red-teaming resources fall short of this scenario:...

5.8AI score

Exploits0

OSV•added 2026/04/21 6:16 p.m.•2 views

UBUNTU-CVE-2026-40606

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...

4.8CVSS5.7AI score0.00092EPSS

Exploits1References4

Debian CVE•added 2026/04/21 5:43 p.m.•3 views

CVE-2026-40606

4.8CVSS5.3AI score0.00092EPSS

Exploits1

OSV•added 2024/12/03 6:45 p.m.•13 views

GHSA-5JC6-H9W7-JM3P Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality

Summary The application allows users to upload files with scripts in the filename parameter. As a result, a malicious user can upload a script file to the system. When users in the application use the "Diff or Compare" functionality, they are affected by a Stored Cross-Site Scripting vulnerabilit...

6.2CVSS5.2AI score0.0193EPSS

Exploits1References4

Tenable Nessus•added 2023/08/21 12:0 a.m.•17 views

openSUSE 15 Security Update : python-mitmproxy (openSUSE-SU-2023:0233-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0233-1 advisory. - mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP...

9.8CVSS8AI score0.00193EPSS

Exploits0References4

Tenable Nessus•added 2023/08/21 12:0 a.m.•17 views

openSUSE 15 Security Update : python-mitmproxy (openSUSE-SU-2023:0232-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0232-1 advisory. - mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP...

9.8CVSS8AI score0.00193EPSS

Exploits0References4

Hacker One•added 2022/09/28 7:24 p.m.•9 views

Slack: Ability to join an arbitrary workspace by utilizing a proxy to manipulate invite links

A vulnerability was found in Slack that allowed experienced researchers to utilize an intercepting proxy to manipulate invite links and join an arbitrary workspace without admin approval. The issue was fixed immediately and no customers were impacted...

7.1AI score

Exploits0

NVD•added 2022/03/21 7:15 p.m.•14 views

CVE-2022-24766

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

9.8CVSS0.00789EPSS

Exploits0References3

Prion•added 2022/03/21 7:15 p.m.•7 views

Design/Logic Flaw

7.5CVSS9.3AI score0.00789EPSS

Exploits0References3Affected Software1

OSV•added 2022/03/21 7:15 p.m.•15 views

PYSEC-2022-170

9.8CVSS9.3AI score0.00789EPSS

Exploits0References3

Debian CVE•added 2022/03/21 6:50 p.m.•32 views

CVE-2022-24766

9.8CVSS9.4AI score0.00789EPSS

Exploits0

Cvelist•added 2022/03/21 6:50 p.m.•13 views

CVE-2022-24766 Insufficient Protection against HTTP Request Smuggling in mitmproxy

9.8CVSS9.6AI score0.00789EPSS

Exploits0References3

OSV•added 2022/03/21 6:50 p.m.•18 views

CVE-2022-24766 Insufficient Protection against HTTP Request Smuggling in mitmproxy

9.8CVSS9.2AI score0.00789EPSS

Exploits0References5

CVE•added 2022/03/21 6:50 p.m.•116 views

CVE-2022-24766

Mitmproxy vulnerability CVE-2022-24766 affects mitmproxy

9.8CVSS9.3AI score0.00789EPSS

Exploits0References3Affected Software1

OSV•added 2021/09/16 3:15 p.m.•12 views

CVE-2021-39214

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

9.8CVSS9.4AI score

Exploits0References1

PyPA•added 2021/09/16 3:15 p.m.•4 views

PYSEC-2021-328

9.8CVSS6.9AI score0.00193EPSS

Exploits0References1Affected Software1

Prion•added 2021/09/16 3:15 p.m.•11 views

Design/Logic Flaw

7.5CVSS9.3AI score0.00193EPSS

Exploits0References1Affected Software1

UbuntuCve•added 2021/09/16 3:15 p.m.•20 views

CVE-2021-39214

9.8CVSS7AI score0.00193EPSS

Exploits0References2

CVE•added 2021/09/16 3:10 p.m.•85 views

CVE-2021-39214

CVE-2021-39214 affects mitmproxy: in versions 7.0.2 and earlier, a malicious client or server can perform HTTP request smuggling through mitmproxy, causing the smuggled request/response to be embedded in another HTTP message body and bypass standard event hooks and local checks. Reported impact i...

9.8CVSS8.8AI score0.00193EPSS

Exploits0References1Affected Software1

AlpineLinux•added 2021/09/16 3:10 p.m.•21 views

CVE-2021-39214

9.8CVSS8.9AI score0.00193EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by