
12 matches found

CVE
added 2026/05/07 6:0 p.m., 16 views

CVE-2026-8081

CVE-2026-8081 affects router-for-me CLIProxyAPI 6.9.29. The vulnerability is a server-side request forgery in the API Tools handler (internal/api/handlers/management/api_tools.go) caused by manipulating the url argument. This enables remote exploitation as disclosed publicly. Remediation details ...

CVSS 6.5, AI score 6.1, EPSS 0.00215
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2026/05/05 8:39 a.m., 3 views

BIT-APACHE-2026-34032 Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string)

Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

CVSS 5.3, AI score 5.8, EPSS 0.00485
Exploits: 0, References: 3
CVE
added 2026/01/06 3:52 p.m., 15 views

CVE-2020-36905

CVE-2020-36905 affects FIBARO System Home Center 5.021. A remote file inclusion vulnerability exists in the undocumented proxy API that allows an attacker to include arbitrary client-side scripts by abusing the GET parameter “url,” enabling injection of malicious JavaScript and potentially hijack...

CVSS 7.5, AI score 6.7, EPSS 0.00443
Exploits: 1, References: 7
Vulnrichment
added 2026/01/06 3:52 p.m., 1 views

CVE-2020-36905 FIBARO System Home Center 5.021 Remote File Inclusion via Proxy API

FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented proxy API that allows attackers to include arbitrary client-side scripts. Attackers can exploit the 'url' GET parameter to inject malicious JavaScript and potentially hijack user sessions or...

CVSS 7.5, AI score 6.7, EPSS 0.00443
Exploits: 1, References: 7
EUVD
added 2025/11/13 3:23 a.m., 2 views

EUVD-2025-176949

Malicious code in proxy-interface-visualize-thread-psi npm...

AI score 6.6
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-15805

Malware in sbrugna...

CVSS 7.5, AI score 7.6, EPSS 0.01963
Exploits: 0, References: 4
CNNVD
added 2025/07/15 12:0 a.m., 2 views

IPFire Security Vulnerability

IPFire is an open source Linux distribution from the IPFire organization. It is primarily used as a router and firewall. A security vulnerability exists in IPFire that stems from improper validation of proxy.cgi interface inputs, which could lead to remote command execution...

CVSS 8.7, AI score 7, EPSS 0.01136
Exploits: 0, References: 7
CNVD
added 2021/02/23 12:0 a.m., 9 views

OTRS AG Survey Cross-Site Scripting Vulnerability

OTRS AG Survey is a Perl-based customer survey appliance from OTRS Germany. The tool is intended for use in sending e-mails to customers after a ticket has been closed. A cross-site scripting vulnerability exists in OTRS AG Survey that can be exploited by an attacker to execute malicious code in...

CVSS 4.8, AI score 6.3, EPSS 0.00659
Exploits: 0, References: 1
CNNVD
added 2021/02/08 12:0 a.m., 8 views

OTRS AG Survey Cross-Site Scripting Vulnerability

OTRS AG Survey is a Perl-based customer survey appliance from OTRS Germany. The tool is intended for use in sending e-mails to customers after a ticket has been closed. A cross-site scripting vulnerability exists in OTRS AG Survey that can be exploited by an attacker to execute malicious code in...

CVSS 4.8, AI score 5.7, EPSS 0.00659
Exploits: 0, References: 2
OSV
added 2020/11/17 12:19 p.m., 9 views

SUSE-SU-2020:3359-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues:
- Update to upstream tag jdk-11.0.9-11 October 2020 CPU, bsc1177943
  New features
  + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector
  Security fixes
  + JDK-8233624: Enhance JNI linkage
  + JDK-8236196: Improve string pooling
  +...

CVSS 5.8, AI score 5.7, EPSS 0.03713
Exploits: 0, References: 10
CNVD
added 2017/11/22 12:0 a.m., 3 views

Open Ticket Request System Code Injection Vulnerability

Open Ticket Request System OTRS is an open source defect tracking and management system software. A code injection vulnerability exists in Kernel/System/Spelling.pm in Open Ticket Request System OTRS. A remote authenticated attacker can exploit this vulnerability by executing shell commands as a...

CVSS 8.8, AI score 7.6, EPSS 0.02492
Exploits: 0, References: 1
CNVD
added 2016/05/21 12:0 a.m., 3 views

Foreman Arbitrary Code Execution Vulnerability

Foreman is a set of lifecycle management tools for use in physical and virtual servers. A security vulnerability in the smart proxy TFTP API in Foreman versions 1.11.x before 1.10.4 and 1.11.2 before 1.11.2 can be exploited by a remote attacker to execute arbitrary code with the help of specially...

CVSS 8.8, AI score 8.8, EPSS 0.02839
Exploits: 0, References: 1