1319 matches found
EUVD-2022-4573
Malicious code in bioql PyPI...
EUVD-2021-33480
Malicious code in bioql PyPI...
EUVD-2023-43104
Malicious code in bioql PyPI...
EUVD-2024-35850
Malicious code in bioql PyPI...
EUVD-2023-36379
Malicious code in bioql PyPI...
ROS-20251002-01
A vulnerability in the Privoxy proxy server with advanced web content filtering functions is related to insufficient validation of user data in the "processencryptedrequestheaders" function. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A...
ODoQ: Oblivious DNS-Over-QUIC
The Domain Name System DNS, which converts domain names to their respective IP addresses, has advanced enhancements aimed at safeguarding DNS data and users' identity from attackers. The recent privacy-focused advancements have enabled the IETF to standardize several protocols. Nevertheless, thes...
Linux Distros Unpatched Vulnerability : CVE-2016-6624
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin involving improper enforcement of the IP-based authentication rules. When phpMyAdmin is used with IPv6 in a proxy server...
RHEL 7 : squid (RHSA-2025:14414)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14414 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: denial of...
Linux Distros Unpatched Vulnerability : CVE-2017-8761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures ...
[SECURITY] [DSA 5982-1] squid security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5982-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2025 https://www.debian.org/security/faq -...
Linux Distros Unpatched Vulnerability : CVE-2016-9590
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage...
MAL-2025-17596 Malicious code in cors-proxy-server (npm)
The package cors-proxy-server was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
Malicious code in cors-proxy-server (npm)
The package cors-proxy-server was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
SUSE-SU-2025:02682-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2024-42516: Fixed HTTP response splitting. bsc1246477 - CVE-2024-43204: Fixed a SSRF when modproxy is loaded that allows an attacker to send outbound proxy requests to a URL controlled by them. bsc1246305 - CVE-2024-47252: Fixed insufficie...
CVE-2025-54581
vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::tryfrom and flows into parsettlextension where it is parsed as a TTL value. If an attacker supplies a TTL of zero...
CVE-2025-23289
CVE-2025-23289 affects NVIDIA Omniverse Launcher for Windows and Linux. A vulnerability in the launcher logs could allow a user to cause sensitive information to be written to log files via proxy servers, potentially leading to information disclosure. The issue is described with a CVSSv3.1 base s...
NVIDIA Omniverse Launcher 日志信息泄露漏洞
NVIDIA Omniverse Launcher is an easily extensible open platform from NVIDIA, Inc. Built for virtual collaboration and real-time physically accurate simulations. NVIDIA Omniverse Launcher suffers from a log information disclosure vulnerability that originates from writing sensitive information to ...
CVE-2025-54581 vproxy is vulnerable to a divide by zero DoS attack
vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::tryfrom and flows into parsettlextension where it is parsed as a TTL value. If an attacker supplies a TTL of zero...
CVE-2025-54581 vproxy is vulnerable to a divide by zero DoS attack
vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::tryfrom and flows into parsettlextension where it is parsed as a TTL value. If an attacker supplies a TTL of zero...