Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Privoxy Subscribe
Filtered by product Privoxy
Total 29 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-1382 3 Debian, Opensuse, Privoxy 3 Debian Linux, Opensuse, Privoxy 2018-10-30 5.0 MEDIUM N/A
parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.
CVE-2015-1381 3 Debian, Opensuse, Privoxy 3 Debian Linux, Opensuse, Privoxy 2018-10-30 5.0 MEDIUM N/A
Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors.
CVE-2015-1380 3 Opensuse, Oracle, Privoxy 3 Opensuse, Solaris, Privoxy 2018-10-30 5.0 MEDIUM N/A
jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body.
CVE-2016-1982 1 Privoxy 1 Privoxy 2016-12-05 5.0 MEDIUM 7.5 HIGH
The remove_chunked_transfer_coding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content.
CVE-2016-1983 1 Privoxy 1 Privoxy 2016-12-05 5.0 MEDIUM 7.5 HIGH
The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header.
CVE-2015-1031 1 Privoxy 1 Privoxy 2015-03-04 7.5 HIGH N/A
Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free complaints made by Coverity scan." NOTE: some of these details are obtained from third party information.
CVE-2015-1030 1 Privoxy 1 Privoxy 2015-02-03 5.0 MEDIUM N/A
Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the socket limit is reached.
CVE-2015-1201 1 Privoxy 1 Privoxy 2015-01-22 5.0 MEDIUM N/A
Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2013-2503 1 Privoxy 1 Privoxy 2013-04-10 5.8 MEDIUM N/A
Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.