CVE-2026-9887

An use after free flaw was found in the Proxy component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=511249104...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the Proxy component’s ability to reuse resources after they were released, potentially allowing remote attackers...

CVE-2026-6297

An use after free flaw was found in the Proxy component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493628982...

CVE-2026-6297

Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.101 contained a security vulnerability. This vulnerability stemmed from the Proxy component allowing for post-release reuse of objects, which could enable attackers from privileged network...

CVE-2026-4528

CVE-2026-4528 affects trueleaf ApiFlow 0.9.7. The vulnerability lies in the function validateUrlSecurity within packages/server/src/service/proxy/http_proxy.service.ts of the URL Validation Handler , enabling server-side request forgery (SSRF) . Remote exploitation is possible and the exploit has...

PT-2026-33135

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.101 Description A use after free issue in the Proxy component allows an attacker in a privileged network position to potentially perform a sandbox escape by using a crafted HTML page. Use after free i...

milvus 授权问题漏洞

milvus is a high-performance cloud-native vector database open-sourced by The Milvus Project. An authorization issue vulnerability exists in Milvus versions prior to 2.4.24, prior to 2.5.21, and prior to 2.6.5, which stems from an authentication mechanism bypass issue in the Milvus Proxy componen...

EUVD-2025-38155

A Server-Side Request Forgery SSRF in the /api/proxy/ component of linshenkx prompt-optimizer v1.3.0 to v1.4.2 allows attackers to scan internal resources via a crafted request...

EUVD-2019-13216

Malware in sbrugna...

EUVD-2022-6680

Malicious code in bioql PyPI...

Cross-site Scripting (XSS)

Overview @modelcontextprotocol/inspector-client is a Client-side application for the Model Context Protocol inspector Affected versions of this package are vulnerable to Cross-site Scripting XSS via the redirect URI parameter when connecting to an untrusted remote server. An attacker can execute...

PT-2024-6069

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.59 and earlier Description The issue is related to an encoding problem in the mod proxy component of the Apache HTTP Server, which can allow an attacker to send request URLs with incorrect encoding to backend...

Zabbix Security Vulnerabilities

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A security vulnerability exists in Zabbix that stems from a security flaw in the Proxy, Server component that allows an attacker with...

Input validation

Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that originate from the Pulsar Proxy's IP address. When the Apache Pulsar Proxy component is used, it is possible to attempt to open TCP/IP connections to any IP addre...

CVE-2022-24280 Apache Pulsar Proxy target broker address isn't validated

Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that originate from the Pulsar Proxy's IP address. When the Apache Pulsar Proxy component is used, it is possible to attempt to open TCP/IP connections to any IP addre...

Unspecified Vulnerability in Apple iOS, tvOS and OS X El Capitan CFNetwork Proxies

Apple iOS, tvOS, and OS X El Capitan are products of Apple Inc. Apple iOS is an operating system for mobile devices; tvOS is an operating system for smart TVs; and OS X El Capitan is a purpose-built operating system for Mac computers.CFNetwork Proxies is a component of CFNetwork that handles prox...

McAfee Web Gateway Improper Input Validation Vulnerability

McAfee Web Gateway MWG is a security gateway product from McAfee USA. The product provides threat protection, application control, and data loss prevention. An improper input validation vulnerability exists in the proxy component of McAfee Web Gateway 7.8.2.0 and later. A remote attacker could...

CVE-2019-3581

Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter...

CVE-2019-3581 McAfee Web Gateway denial of service attack due to Improper Input Validation

Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter...