CVE-2024-56800 Firecrawl has SSRF Vulnerability via malicious scrape target

Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. Versions prior to 1.1.1 contain a server-side request forgery SSRF vulnerability. The scraping engine could be exploited by crafting a malicious site that redirects to a local IP address...

The vulnerability of the Ruijie Reyee OS operating system’s proxy server allows a hacker to execute an SSRF attack.

The vulnerability of the Ruijie Reyee OS operating system’s proxy server is related to insufficient checking of requests on the server side. Exploiting this vulnerability allows a remote attacker to execute an SSRF attack...

CVE-2024-48874

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud...

CVE-2024-48874

CVE-2024-48874 affects Ruijie Reyee OS, specifically versions 2.206.x up to but not including 2.320.x. The root cause is a server-side request forgery (SSRF) in Ruijie’s proxy handling that could be leveraged to force proxy servers to perform arbitrary requests, enabling access to internal servic...

Ruijie Networks ReyeeOS 安全漏洞

Ruijie Networks ReyeeOS is a router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks ReyeeOS version 2.206.x up to and including 2.320.x. An attacker can exploit this vulnerability to force Ruijie's proxy server to execute any request of the attacker's choosing...

The vulnerability of the zbx_snmp_cache_handle_engineid() function in the proxy server of the Zabbix monitoring system allows a attacker to cause a service failure.

The vulnerability of the zbxsnmpcachehandleengineid function in the Zabbix monitoring proxy server relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

ROS-20241203-14

Squid proxy server vulnerability is related to errors in input data processing. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by sending specially crafted ESI packets. specially crafted ESI packets...

PT-2024-9574 · Ruijie · Ruijie Reyee Os

Name of the Vulnerable Software and Affected Versions: Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x Description: The issue allows attackers to force Ruijie's proxy servers to perform any request the attackers choose, potentially giving them access to internal services used by...

alist-tvbox 安全漏洞

alist-tvbox is an AList TvBox proxy server by Harold Personal Developer. A security vulnerability exists in alist-tvbox version v1.7.1, which stems from a vulnerability that allows remote attackers to execute arbitrary code via the /atv-cli file...

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: vulnerable to a Denial of Service attack against Cache Manager error responses CVE-2024-23638 squid: Denial of Service processing ESI response content...

CVE-2024-8534

Summary: CVE-2024-8534 is a memory safety vulnerability in Citrix NetScaler ADC and NetScaler Gateway that can cause memory corruption and Denial of Service when the device is configured as a Gateway/VPN Vserver with RDP features enabled (or with an RDP Proxy Server Profile) or when the Auth Serv...

CVE-2024-8534 Memory safety vulnerability leading to memory corruption and Denial of Service

Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway VPN Vserver with RDP Feature enabled OR the appliance must be configured as a Gateway VPN Vserver and RDP Proxy Server Profile is created an...

CVE-2024-8534 Memory safety vulnerability leading to memory corruption and Denial of Service

Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway VPN Vserver with RDP Feature enabled OR the appliance must be configured as a Gateway VPN Vserver and RDP Proxy Server Profile is created an...

CVE-2024-47593

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to read files from the server, which otherwise would be restricted.This attack is possible only if a Web Dispatcher or some sort of Proxy Server is in use and the file in question was previously opened or...

CVE-2024-47593 Information Disclosure Vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to read files from the server, which otherwise would be restricted.This attack is possible only if a Web Dispatcher or some sort of Proxy Server is in use and the file in question was previously opened or...

CVE-2024-47593

CVE-2024-47593 : SAP NetWeaver Application Server ABAP contains an information disclosure vulnerability. An unauthenticated, network-accessible attacker can read files from the server only if a Web Dispatcher or Proxy is in use and the target file was previously opened or downloaded via an applic...