Shodan
Vulnerabilities
Vulnerable Software
Privoxy:  >> Privoxy  >> 3.0.14  Security Vulnerabilities
CVE-2021-20210
A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash.
CVSS Score
7.5
EPSS Score
0.011
Published
2021-03-25
CVE-2021-20211
A flaw was found in Privoxy in versions before 3.0.29. Memory leak when client tags are active can cause a system crash.
CVSS Score
7.5
EPSS Score
0.008
Published
2021-03-25
CVE-2021-20212
A flaw was found in Privoxy in versions before 3.0.29. Memory leak if multiple filters are executed and the last one is skipped due to a pcre error leading to a system crash.
CVSS Score
7.5
EPSS Score
0.011
Published
2021-03-25
CVE-2021-20213
A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed.
CVSS Score
7.5
EPSS Score
0.013
Published
2021-03-25
CVE-2021-20276
A flaw was found in privoxy before 3.0.32. Invalid memory access with an invalid pattern passed to pcre_compile() may lead to denial of service.
CVSS Score
7.5
EPSS Score
0.028
Published
2021-03-09
CVE-2021-20272
A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash.
CVSS Score
7.5
EPSS Score
0.022
Published
2021-03-09
CVE-2021-20273
A flaw was found in privoxy before 3.0.32. A crash can occur via a crafted CGI request if Privoxy is toggled off.
CVSS Score
7.5
EPSS Score
0.028
Published
2021-03-09
CVE-2021-20274
A flaw was found in privoxy before 3.0.32. A crash may occur due a NULL-pointer dereference when the socks server misbehaves.
CVSS Score
7.5
EPSS Score
0.007
Published
2021-03-09
CVE-2021-20275
A flaw was found in privoxy before 3.0.32. A invalid read of size two may occur in chunked_body_is_complete() leading to denial of service.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-03-09
CVE-2019-3699
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openSUSE Leap 15.1 privoxy version 3.0.28-lp151.1.1 and prior versions. openSUSE Factory privoxy version 3.0.28-2.1 and prior versions.
CVSS Score
7.7
EPSS Score
0.001
Published
2020-01-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved