43 matches found
curl: libcurl 8.20.0 incomplete fix for CVE-2026-7168: changing only CURLOPT_PROXYPORT leaks stale Proxy Digest auth to a different proxy
Summary: I found an incomplete-fix variant of CVE-2026-7168 in curl 8.20.0. The 8.20.0 fix clears state.proxydigest / state.authproxy when CURLOPTPROXY changes, but not when only CURLOPTPROXYPORT changes. On the same easy handle, request 1 through proxyA CURLOPTPROXYPORT=18197 learns Proxy Digest...
CVE-2025-41355
Reflected Cross-Site Scripting XSS vulnerability in Anon Proxy Server v0.104. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or ...
CVE-2025-41355
CVE-2025-41355 describes a reflected XSS in Anon Proxy Server v0.104. The vulnerability affects the /anon.php endpoint, specifically the port and proxyPort parameters, allowing an attacker to craft a malicious URL that executes JavaScript in the victim’s browser. Consequences include potential le...
CVE-2025-41355 Reflected Cross-Site Scripting on Anon Proxy Server
Reflected Cross-Site Scripting XSS vulnerability in Anon Proxy Server v0.104. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malicious URL. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or ...
niknah Anon Proxy Server 跨站脚本漏洞
Niknah Anon Proxy Server is a proxy server software provided by the Niknah company, offering anonymous network access and traffic forwarding capabilities. Version 0.104 of Anon Proxy Server contains a cross-site scripting vulnerability. This vulnerability stems from the lack of effective filterin...
Fortinet FortiSOAR Agent Communication Bridge 路径遍历漏洞
The Fortinet FortiSOAR Agent Communication Bridge is an agent communication component of the automation platform developed by Fortinet, a US-based company. Versions 1.1.0 and all versions of 1.0 of the Fortinet FortiSOAR Agent Communication Bridge contain a path traversal vulnerability. This...
BIT-MONGODB-2026-1848 Connections received from the proxy port may not count towards total accepted connections
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header...
Linux Distros Unpatched Vulnerability : CVE-2026-1848
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceed...
CVE-2026-1848
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header...
CVE-2026-1848
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header...
CVE-2026-1848
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header...
CVE-2026-1848
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header...
UBUNTU-CVE-2026-1848
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header...
CVE-2026-1848
CVE-2026-1848 affects a MongoDB component where connections received via the proxy port are not counted toward the total accepted connections while the proxy protocol header is pending. This can allow the server to reach resource limits, potentially causing crashes when the total connections exce...
CVE-2026-1848
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header...
CVE-2026-1848 Connections received from the proxy port may not count towards total accepted connections
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header...
CVE-2026-1848 Connections received from the proxy port may not count towards total accepted connections
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header...
Connections received from the proxy port may not count towards total accepted connections
Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies to connections accepted from the proxy port, pending the proxy protocol header...
PT-2026-7421
Name of the Vulnerable Software and Affected Versions Connections affected versions not specified Description The system may not accurately count connections received through the proxy port, specifically when a proxy protocol header is present. This can lead to the server exceeding its connection...
EUVD-2000-0007
Malware in sbrugna...