Filtered by vendor Privoxy
Subscriptions
Total
29 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-3699 | 2 Opensuse, Privoxy | 3 Factory, Leap, Privoxy | 2021-09-14 | 7.8 High |
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openSUSE Leap 15.1 privoxy version 3.0.28-lp151.1.1 and prior versions. openSUSE Factory privoxy version 3.0.28-2.1 and prior versions. | ||||
CVE-2015-1380 | 3 Opensuse, Oracle, Privoxy | 3 Opensuse, Solaris, Privoxy | 2018-10-30 | N/A |
jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body. | ||||
CVE-2015-1381 | 3 Debian, Opensuse, Privoxy | 3 Debian Linux, Opensuse, Privoxy | 2018-10-30 | N/A |
Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors. | ||||
CVE-2015-1382 | 3 Debian, Opensuse, Privoxy | 3 Debian Linux, Opensuse, Privoxy | 2018-10-30 | N/A |
parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header. | ||||
CVE-2016-1983 | 1 Privoxy | 1 Privoxy | 2016-12-06 | N/A |
The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header. | ||||
CVE-2016-1982 | 1 Privoxy | 1 Privoxy | 2016-12-06 | N/A |
The remove_chunked_transfer_coding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content. | ||||
CVE-2015-1031 | 1 Privoxy | 1 Privoxy | 2015-03-04 | N/A |
Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free complaints made by Coverity scan." NOTE: some of these details are obtained from third party information. | ||||
CVE-2015-1030 | 1 Privoxy | 1 Privoxy | 2015-02-04 | N/A |
Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the socket limit is reached. | ||||
CVE-2013-2503 | 1 Privoxy | 1 Privoxy | 2013-04-11 | N/A |
Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code. |