Lucene search
K

61 matches found

OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.15 views

Slackware: Security Advisory (SSA:2016-039-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS7.4AI score0.09327EPSS
Exploits0References3
OSV
OSV
added 2021/03/15 6:15 p.m.1 views

ALPINE-CVE-2021-28363

The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy if an SSLContext isn't given via proxyconfig doesn't verify the hostname of the certificate. This means certificates for...

6.5CVSS7AI score0.02109EPSS
Exploits0References1
Citrix
Citrix
added 2021/01/27 12:0 a.m.8 views

CWA for Android: Fail to Launch Apps and Desktops

Applications are enumerated correct, But when you try launch Apps it fails to connect. Error logged during launch is "javax.net.ssl.SSLPeerUnverifiedException: Check that all CAs are compliant and are installed properly" Full trace ======= "2021-01-20T06:57:18.559+0530","TCPSocketFactory","INFO...

7.2AI score
Exploits0
OSV
OSV
added 2020/03/06 4:13 p.m.7 views

MGASA-2020-0118 Updated glib2.0 packages fix security vulnerability

The updated packages fix a security vulnerability: GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxyaddr field is mishandled. This bug is timing-dependent and may...

5.9CVSS5.6AI score0.02174EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/02/25 1:7 p.m.6 views

nodejs: HTTP request smuggling using malformed Transfer-Encoding header

A flaw was found in the Node.js code where a specially crafted HTTPs request sent to a Node.js server failed to properly process the HTTPs headers, resulting in a request smuggling attack. An attacker can use this flaw to alter a request sent as an authenticated user if the Node.js server is...

9.8CVSS7.2AI score0.57132EPSS
Exploits0References5
NVD
NVD
added 2019/12/05 3:15 p.m.17 views

CVE-2013-0163

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS...

5.5CVSS5.5AI score0.00305EPSS
Exploits0References2
CNVD
CNVD
added 2019/12/04 12:0 a.m.3 views

TitanHQ WebTitan has an unspecified vulnerability (CNVD-2019-44519)

TitanHQ WebTitan is a web content filter from TitanHQ Ireland. A security vulnerability exists in TitanHQ WebTitan versions prior to 5.18. The vulnerability can be exploited by an attacker to take full control of the device database by connecting to the database via a proxy no password required...

10CVSS6.9AI score0.03313EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.15 views

openSUSE Security Update : hylafax+ (openSUSE-2019-711)

This update for hylafax+ fixes the following issues : Security issues fixed in 5.6.1 : - CVE-2018-17141: multiple vulnerabilities affecting fax page reception in JPEG format Specially crafted input may have allowed remote execution of arbitrary code boo1109084 Additionally, this update also...

9.8CVSS8.6AI score0.05588EPSS
Exploits2References2
Citrix
Citrix
added 2017/06/01 12:0 a.m.8 views

Troubleshooting XenCenter Proxy Authentication Issues

XenCenter does not connect to a proxy server One common problem with using a proxy server is that the client XenCenter can’t connect to it. You may receive the following error when trying to connect to a XenServer host after configuring to use a proxy server in XenCenter: You may also receive the...

7.2AI score
Exploits0
Citrix
Citrix
added 2016/11/25 12:0 a.m.8 views

Secure Mail Error: "Access to company is not currently available"

Worx/Secure Mail Error: "Access to your company is not currently available" Errors found in the client logs: AGTunnel fails to start when attempting to proxy traffic from the NSG " 2016-11-14T11:22:11.535+0000 ",AGTunneler ,WARNING 3,"Failed to read in AGSOCKSClient, err = -8000...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/20 12:0 a.m.67 views

Putty 0.67 Cleartext Password Storage

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/PUTTY.EXE-INSECURE-PASSWORD-STORAGE.txt + ISR: ApparitionSec Vendor: ========================== www.chiark.greenend.org.uk Product: =========== Putty.exe v0.67 PuTTY is a free...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.27 views

Fedora 22 : curl-7.40.0-8.fc22 (2016-3fa315a5dd)

match credentials when re-using a proxy connection CVE-2016-0755 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.3CVSS7.4AI score0.09327EPSS
Exploits0References3
OpenWrt
OpenWrt
added 2016/03/02 11:23 a.m.664 views

curl: Security update (CVE-2016-0755)

The curl package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to a reported security issue. VERSION 7.40.0-3 = 7.40.0-3.1 CHANGELOG Wed, 2 Mar 2016 09:51:47 +0000 0914eea Bump pkg revision Tue, 1 Mar 2016 22:42:51 +0000 380df1a This fixes the following security...

5CVSS1.4AI score0.09327EPSS
Exploits0References3
OSV
OSV
added 2016/01/27 8:0 a.m.9 views

CURL-CVE-2016-0755 NTLM credentials not-checked for proxy connection reuse

libcurl reuses NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. libcurl maintains a pool of connections after a transfer has completed. The pool of connections is then gone through when a ne...

7.3CVSS6.8AI score0.09327EPSS
Exploits0
myhack58
myhack58
added 2015/09/03 12:0 a.m.241 views

Empire: a PowerShell post-exploitation Agent tools-vulnerability warning-the black bar safety net

Empire is a purely PowerShell post-exploitation Agent tools, it is built on cryptography, secure communications and flexible architecture. Empire realize the need to powershell. exe you can run a PowerShell proxy function. Rapid deployment post-exploit module, from the keyboard recorder to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/10/14 12:0 a.m.73 views

Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2014-10-01 Bosch Security Systems DVR 630/650/670 Series Multiple Vulnerabilities Device: "The Bosch Video Recorder 630/650 Seri...

7AI score
Exploits0
Fedora
Fedora
added 2013/06/11 9:5 a.m.20 views

[SECURITY] Fedora 18 Update: socat-1.7.2.2-1.fc18

Socat is a relay for bidirectional data transfer between two independent da ta channels. Each of these data channels may be a file, pipe, device serial l ine etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc.,...

2.6CVSS0.7AI score0.02061EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2013/02/20 4:19 p.m.37 views

Moderate: Red Hat Security Advisory: squid security and bug fix update

Updated squid packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

5CVSS7AI score0.23005EPSS
Exploits1References9
Prion
Prion
added 2011/04/18 5:55 p.m.22 views

Code injection

Red Hat Network RHN Satellite Server 5.3 and 5.4 does not properly rewrite unspecified URLs, which allows remote attackers to 1 obtain unspecified sensitive host information or 2 use the server as an inadvertent proxy to connect to arbitrary services and IP addresses via unspecified vectors...

6.4CVSS7AI score0.01708EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2010/02/18 6:0 p.m.21 views

Design/Logic Flaw

Google Chrome before 4.0.249.89 attempts to make direct connections to web sites when all configured proxy servers are unavailable, which allows remote HTTP servers to obtain potentially sensitive information about the identity of a client user via standard HTTP logging, as demonstrated by a prox...

4.3CVSS6.4AI score0.01015EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder