17 matches found
EUVD-2009-2054
Malware in sbrugna...
EUVD-2009-2067
Malware in sbrugna...
EUVD-2009-2068
Malware in sbrugna...
EUVD-2024-43173
Malicious code in bioql PyPI...
ROS-20250619-06
Dante proxy server vulnerability is related to improper access restrictions in certain configurations of sockd.conf that includes socksmethod. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions. remotely to bypass the...
CVE-2025-0330 Exposure of Sensitive Information in berriai/litellm
In berriai/litellm version v1.52.1, an issue in proxyserver.py causes the leakage of Langfuse API keys when an error occurs while parsing team settings. This vulnerability exposes sensitive information, including langfusesecret and langfusepublickey, which can provide full access to the Langfuse...
CVE-2024-48874
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud...
CVE-2024-48874
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud...
Ruijie Networks ReyeeOS 安全漏洞
Ruijie Networks ReyeeOS is a router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks ReyeeOS version 2.206.x up to and including 2.320.x. An attacker can exploit this vulnerability to force Ruijie's proxy server to execute any request of the attacker's choosing...
CVE-2024-36038 Stored XSS
Zoho ManageEngine ITOM products versions from 128234 to 128248 are affected by the stored cross-site scripting vulnerability in the proxy server option...
BIT-PYTHON-2021-23336 Web Cache Poisoning
The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can...
Squid Code Problem Vulnerability
Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A code issue vulnerability exists in versions prior to Squid 6.0.1 that stems from a NULL pointer dereference, which c...
Privoxy 输入验证错误漏洞
Privoxy is a proxy server from the American Privoxy team that does not cache web pages and comes with filtering. It has advanced filtering features to enhance privacy, modify web data and HTTP headers, control access and remove ads and other annoying Internet junk. privoxy has flexible...
H2Csmuggler - HTTP Request Smuggling Over HTTP/2 Cleartext (H2C)
h2cSmuggler smuggles HTTP traffic past insecure edge-server proxypass configurations by establishing HTTP/2 cleartext h2c communications with h2c-compatible back-end servers, allowing a bypass of proxy rules and access controls. See my detailed write-up below for: Technical breakdown of the...
Microsoft ISA and Proxy Server Web Site Spoofing Vulnerability
Description Microsoft ISA and Proxy Server are reportedly prone to a Web site spoofing vulnerability. Successful exploitation of this issue could allow a remote attacker to spoof a trusted Web site. If a connection were made to the spoofed Web site using SSL, the malicious site would not be able ...
Rideway PN Telnet DoS
Strumpf Noir Society Advisories ! Public release ! -- -= Rideway PN Telnet DoS =- Release date: Tuesday, November 14, 2000 Introduction: RideWay PN is a proxy server application that enables multiple users to share resources and files and that allows users to access the Internet simultaneously...
CVE-1999-0471
The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authentication through the "cancel" button...