Vulnerabilities (CVE)

Filtered by vendor Banu Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-1843 1 Banu 1 Tinyproxy 2024-11-21 6.8 MEDIUM N/A
Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers.
CVE-2011-1499 2 Banu, Debian 2 Tinyproxy, Debian Linux 2024-11-21 2.6 LOW N/A
acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.
CVE-2012-3505 1 Banu 1 Tinyproxy 2024-02-28 5.0 MEDIUM N/A
Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via (1) a large number of headers or (2) a large number of forged headers that trigger hash collisions predictably. bucket.