CVE-2026-1495

The vulnerability, if exploited, could allow an attacker with Event Log Reader S-1-5-32-573 privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server...

AVEVA PI to CONNECT Agent 日志信息泄露漏洞

AVEVA PI to CONNECT Agent is a data transfer component developed by the British company AVEVA. AVEVA PI to CONNECT Agent has a vulnerability related to log information leakage. This vulnerability arises from attackers who have access to event log reading capabilities, allowing them to obtain...

Wazuh 访问控制错误漏洞

Wazuh is a Wazuh open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. An Access Control Error vulnerability exists in Wazuh versions 4.9.0 through prior to 4.13.0, which stems from a...

CVE-2025-47791

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 28.0.13, 29.0.10, and 30.0.3 and Nextcloud Enterprise Server prior to 28.0.13, 29.0.10, and 30.0.3, a currently unused endpoint to verify a share recipient was not protected correctly, allowing to proxy requests...

PT-2024-5874 · Hashicorp +2 · Vault Enterprise +3

Name of the Vulnerable Software and Affected Versions: Vault and Vault Enterprise versions prior to 1.15.12 Vault and Vault Enterprise versions prior to 1.16.6 Vault and Vault Enterprise versions prior to 1.17.2 Description: The issue is related to the improper handling of requests originating fr...

PT-2022-23765 · Zimbra · Zimbra Collaboration Suite

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration Suite versions 8.8.15 through 9.0 Description: An issue was discovered in ProxyServlet.java in the /proxy servlet. The value of the X-Forwarded-Host header overwrites the value of the Host header in proxied requests. The...

PPLive TCP/9415 端口免费公用代理服务器漏洞

BUGTRAQ ID: 47508 PPLive网络电视是PPLive旗下媒体，一款全球安装量最大的网络电视，支持对海量高清影视内容的“直播+点播”功能。 PPLive在实现上存在配置漏洞，远程攻击者可利用此漏洞非授权使用客户端TCP/9415的代理。 代理服务器应该仅应监听在127.0.0.1，但事实上是在所有接口监听的。 PPLive 1.9.21 厂商补丁： PPLive ------ 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.pplive.com/en/index.html...

Working Resources BadBlue 1.7.x2.x - Unauthorized Proxy Relay

Working Resources BadBlue 1.7.x2.x - Unauthorized Proxy Relay source: https://www.securityfocus.com/bid/11030/info BadBlue is prone to a vulnerability that may let the application be abused as a proxy. This vulnerability presents itself due to the 'Pass Thru' function allowing the server to be us...

Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay

source: https://www.securityfocus.com/bid/11030/info BadBlue is prone to a vulnerability that may let the application be abused as a proxy. This vulnerability presents itself due to the 'Pass Thru' function allowing the server to be used as a proxy. This could be exploited by malicious parties to...