CVE-2026-42271 LiteLLM: Authenticated command execution via MCP stdio test endpoints

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration i...

CVE-2018-25313

SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can inject a large payload through the Proxy Server Host Name field in the Options menu to crash the...

CVE-2018-25313 SysGauge 4.5.18 Local Denial of Service via Proxy Configuration

SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can inject a large payload through the Proxy Server Host Name field in the Options menu to crash the...

Prime95 安全漏洞

Prime95 is a device stress testing software developed by Prime95 Corporation. Version 29.4b8 of Prime95 contains a security vulnerability. This vulnerability stems from a local buffer overflow, which could allow attackers to execute arbitrary code by exploiting the structured exception handling...

Flexense SysGauge 安全漏洞

Flexense SysGauge is a system analysis tool developed by Flexense Corporation, designed for real-time monitoring of system performance and resource usage. Version 4.5.18 of Flexense SysGauge contains a security vulnerability. This vulnerability stems from a buffer overflow in the proxy...

PT-2026-35996

SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can inject a large payload through the Proxy Server Host Name field in the Options menu to crash the...

CVE-2019-25327

Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the PrimeNet user ID and proxy host fields to trigger a bind shell on port 3110...

PT-2026-7926

Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the PrimeNet user ID and proxy host fields to trigger a bind shell on port 3110...

ROS-20251203-11

Vulnerability of parse.ParseUnverified function of golang-jwt web token library of Go programming language is related to uncontrolled resource consumption. Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely...

EUVD-2002-0064

Malware in sbrugna...

EUVD-2002-0065

Malware in sbrugna...

EUVD-2002-0066

Malware in sbrugna...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a misinterpretation of input in proxy host matching [CVE-2025-22870]

Summary IBM Watson Speech Services Cartridge is vulnerable to a misinterpretation of input in proxy host matching, caused by improper addressing of an IPv6 zone ID as a hostname component CVE-2025-22870. Proxy host matching is used as part of our speech utilities. This vulnerabilitiy has been...

CVE-2025-22870

A flaw was found in proxy host matching. This vulnerability allows improper bypassing of proxy settings via manipulating an IPv6 zone ID, causing unintended matches against the NOPROXY environment variable. Mitigation Mitigation for this issue is either not available or the currently available...

AZL-58413 CVE-2025-22870 affecting package prometheus-process-exporter for versions less than 0.8.2-2

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...

VulnCheck KEV: CVE-2021-40822

GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host...

CVE-2023-39903

An issue was discovered in Fujitsu Software Infrastructure Manager ISM before 2.8.0.061. The ismsnap component in this specific case at /var/log/fujitsu/ServerViewSuite/ism/FirmwareManagement/FirmwareManagement.log allows insecure collection and storage of authorization credentials in cleartext...

GHSA-RR33-J5P5-PPF8 GeoServer allows SSRF via the option for setting a proxy host

GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host...

GeoServer allows SSRF via the option for setting a proxy host

GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host...

CVE-2021-40822

GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host...