
22 matches found

Vulnrichment
added 2026/05/27 2:59 p.m. | 12 views

CVE-2026-48545 Gradio < 6.15.0 Cookie Injection via Shared Proxy Client

Gradio before version 6.15.0 contains a cookie injection vulnerability that allows remote attackers to perform cross-Space session fixation by exploiting a shared module-level HTTP client used across all users in the reverse proxy endpoint. Attackers controlling any HF Space can return a...

CVSS 7.6 | AI score 5.9 | EPSS 0.00355
Exploits: 0 | References: 5

Vulnrichment
added 2026/02/08 11:32 p.m. | 4 views

CVE-2026-2194 D-Link DI-7100G C1 start_proxy_client_email command injection

A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function start_proxy_client_email. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

CVSS 6.5 | AI score 5.4 | EPSS 0.0344
Exploits: 1 | References: 5

CVE
added 2026/02/08 11:32 p.m. | 9 views

CVE-2026-2194

The vulnerability CVE-2026-2194 affects D-Link DI-7100G C1 (firmware 24.04.18D1) in the start_proxy_client_email function. An attacker can remotely exploit a command injection vulnerability via manipulation of this function, with exploit activity described as published. Impact is described as ena...

CVSS 8.8 | AI score 6.4 | EPSS 0.0344
Exploits: 1 | References: 5 | Affected Software: 1

ATTACKERKB
added 2026/02/08 11:32 p.m. | 2 views

CVE-2026-2194

A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function start_proxy_client_email. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

CVSS 6.5 | AI score 5.4 | EPSS 0.0344
Exploits: 1 | References: 5 | Affected Software: 1

vulnersOsv
added 2026/01/28 4:44 p.m. | 3 views

ap-proxy-client (>=0.3.0 <=0.8.0), ap-proxy-protocol (>=0.3.0 <=0.8.0) +2 more potentially affected by CVE-2026-24850 via ml-dsa (=0.0.4)

ml-dsa CARGO version =0.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on ml-dsa and may be impacted: - ap-proxy-client =0.3.0, =0.3.0, =0.1.0, =0.0.1-pre.0, =0.0.12 Source cves: CVE-2026-24850 Source advisory: OSV:GHSA-5X2R-HC65-25F9...

CVSS 5.3 | AI score 5.4 | EPSS 0.00299
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2012-4535

Malware in sbrugna...

CVSS 3.3 | AI score 6.4 | EPSS 0.00618
Exploits: 1 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2004-1478

Malware in sbrugna...

CVSS 5 | AI score 6.1 | EPSS 0.07293
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2023-2014

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.2 | EPSS 0.00531
Exploits: 0 | References: 8

OSV
added 2025/06/30 8:15 a.m. | 9 views

CVE-2025-6898

A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some unknown functionality of the file in proxyclient.asp. The manipulation of the argument proxysrv/proxylanport/proxylanip/proxysrvport leads to os command injection. The...

CVSS 8.8 | AI score 5.6 | EPSS 0.08981
Exploits: 0 | References: 5

CNNVD
added 2025/06/30 12:00 a.m. | 2 views

D-Link DI-7300G+ Command Injection Vulnerability

D-Link DI-7300G+ is a ruggedized enterprise-grade smart gateway from China AUO D-Link. A command injection vulnerability exists in the D-Link DI-7300G+ version 19.12.25A1, which stems from the incorrect operation of the parameters proxysrv, proxylanport, proxylanip, and proxysrvport in the file...

CVSS 8.8 | AI score 6.9 | EPSS 0.08981
Exploits: 0 | References: 6

CNNVD
added 2024/03/12 12:00 a.m. | 3 views

TIBCO Software TIBCO ActiveSpaces Developer Edition Security Vulnerability

TIBCO Software TIBCO ActiveSpaces Developer Edition is an application platform from TIBCO Software, Inc. It is designed to support large, volatile data sets and event-driven applications. A security vulnerability exists in TIBCO Software TIBCO ActiveSpaces Developer Edition versions 4.4.0 through...

CVSS 4.3 | AI score 6.9 | EPSS 0.00316
Exploits: 0 | References: 3

F5 Networks
added 2023/02/21 6:53 p.m. | 30 views

K26351280: HTTP proxy client implementations vulnerability VU#905344

Security Advisory Description HTTP CONNECT requests and 407 Proxy Authentication Required messages are not integrity protected and are susceptible to man-in-the-middle attacks. WebKit-based applications are additionally vulnerable to arbitrary HTML markup and JavaScript execution in the context o...

AI score 6.8
Exploits: 0

Kitploit
added 2020/05/27 12:30 p.m. | 95 views

Pivotnacci - A Tool To Make Socks Connections Through HTTP Agents

Pivot into the internal network by deploying HTTP agents. Pivotnacci allows you to create a socks server which communicates with HTTP agents. The architecture looks like the following: This tool was inspired by the great reGeorg. However, it includes some improvements: Support for balanced server...

AI score 7.4
Exploits: 0 | References: 3

F5 Networks
added 2016/10/10 12:00 a.m. | 11 views

SOL26351280 - HTTP proxy client implementations vulnerability VU#905344

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

AI score 2
Exploits: 0 | References: 4

NVD
added 2012/10/31 10:50 a.m. | 12 views

CVE-2012-4610

EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client...

CVSS 3.3 | AI score 6.4 | EPSS 0.00618
Exploits: 1 | References: 3

Cvelist
added 2012/10/31 10:00 a.m. | 23 views

CVE-2012-4610

EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client...

AI score 6.4 | EPSS 0.00618
Exploits: 1 | References: 3

The Hacker News
added 2011/12/24 9:26 p.m. | 19 views

ANONdroid v. 00.00.008 : JonDonym proxy client for Android released

ANONdroid is a JonDonym proxy client for Android smartphones. This nice piece of software is under ongoing development by the AN.ON project of the university Dresden. Project leader is Dr. Stefan Köpsell. ANONdroid uses the core...

AI score 6.6
Exploits: 0

Cvelist
added 2006/06/02 8:00 p.m. | 23 views

CVE-2006-2786

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces...

AI score 6.2 | EPSS 0.01733
Exploits: 0 | References: 47

Debian CVE
added 2005/02/13 5:00 a.m. | 15 views

CVE-2004-1484

Format string vulnerability in the msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message...

CVSS 5 | AI score 6.5 | EPSS 0.07293
Exploits: 1

OSV
added 2004/12/31 5:00 a.m. | 9 views

CVE-2004-1484

Format string vulnerability in the msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message...

AI score 7.6
Exploits: 0 | References: 11