Privoxy

privoxy

29 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (29)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-1983 1Privoxy 1Privoxy May 6, 2026 Jan 27, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header.
CVE-2016-1982 1Privoxy 1Privoxy May 6, 2026 Jan 27, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The remove_chunked_transfer_coding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content.
CVE-2015-1031 1Privoxy 1Privoxy May 6, 2026 Feb 10, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free...Show more Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free complaints made by Coverity scan." NOTE: some of these details are obtained from third party information.Show less
CVE-2015-1382 3Debian OpensusePrivoxy 3Debian Linux OpensusePrivoxy May 6, 2026 Feb 3, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.
CVE-2015-1381 3Debian OpensusePrivoxy 3Debian Linux OpensusePrivoxy May 6, 2026 Feb 3, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors.
CVE-2015-1380 3Opensuse OraclePrivoxy 3Opensuse PrivoxySolaris May 6, 2026 Feb 3, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body.
CVE-2015-1201 1Privoxy 1Privoxy May 6, 2026 Jan 20, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from...Show more Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2015-1030 1Privoxy 1Privoxy May 6, 2026 Jan 20, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the...Show more Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the socket limit is reached.Show less
CVE-2013-2503 1Privoxy 1Privoxy Apr 29, 2026 Mar 11, 2013 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a...Show more Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.Show less