CVE-2026-9887
Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. Chromium security severity: Critical...
EUVD-2016-7626
Malware in sbrugna...
EUVD-2017-14488
Malware in sbrugna...
EUVD-2005-3089
Malware in sbrugna...
EUVD-2019-11689
Malware in sbrugna...
EUVD-2016-6085
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-6723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 befor...
Linux Distros Unpatched Vulnerability : CVE-2018-17191
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configuration (PAC) interpretation is vulnerable to remote command execution (RCE). Using the nashorn script...
Linux Distros Unpatched Vulnerability : CVE-2018-18506
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify...
libproxy: sending more than 102400 bytes in PAC without a Content-Length present could result in buffer overflow
A vulnerability was found in libproxy, where a buffer overflow can occur if a server serving a PAC file sends more than 102400 bytes without a Content-Length header. This flaw allows an attacker to trigger an overflow of PAC_HTTP_BLOCK_SIZE (512) bytes, potentially leading to application crashes or...
SUSE CVE-2005-3089
Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...
SUSE CVE-2006-3808
Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object...
SUSE CVE-2016-5134
net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating a server with a PAC script, a related issue to...
SUSE CVE-2017-5384
Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed t...
SUSE CVE-2020-26154
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header...
DEBIAN-CVE-2022-34472
If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...
USN-5512-1 thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass CSP restrictions, or execute...
UBUNTU-CVE-2022-34472
If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...
Mozilla: Unavailable PAC file resulted in OCSP requests being blocked
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...