Lucene search
K

84 matches found

Tenable Nessus
Tenable Nessus
added 2017/08/21 12:0 a.m.23 views

Debian DSA-3948-1 : ioquake3 - security update

A read buffer overflow was discovered in the idtech3 Quake III Arena family of game engines. This allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted packet. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

9.8CVSS8.8AI score0.02517EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2017/08/18 12:0 a.m.12 views

Debian: Security Advisory (DSA-3948-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.02517EPSS
Exploits1References3
NVD
NVD
added 2017/06/23 1:29 p.m.18 views

CVE-2017-3948

Cross Site Scripting XSS in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint DLP Endpoint 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session...

5.4CVSS5.2AI score0.00511EPSS
Exploits0References1
CVE
CVE
added 2017/06/23 1:0 p.m.59 views

CVE-2017-3948

Summary: CVE-2017-3948 is a Cross Site Scripting (XSS) vulnerability in the IMG Tags of the ePO extension for McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x. The underlying issue is an XSS in IMG Tags that allows an authenticated user to inject arbitrary web script or HTML via malicio...

5.4CVSS5.1AI score0.00511EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/05/11 2:1 p.m.23 views

CVE-2010-3948

This CVE entry is rejected/not used and does not represent an active vulnerability entry.

6.6AI score
Exploits0
Cvelist
Cvelist
added 2017/05/11 2:1 p.m.9 views

CVE-2010-3948

...

Exploits0
Tenable Nessus
Tenable Nessus
added 2016/12/15 12:0 a.m.45 views

Scientific Linux Security Update : squid on SL7.x x86_64 (20161103)

The following packages have been upgraded to a newer upstream version: squid 3.5.20. Security Fixes : - Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid usi...

7.5CVSS7.4AI score0.35265EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2016/11/28 12:0 a.m.45 views

CentOS 7 : squid (CESA-2016:2600)

An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.4AI score0.35265EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2016/08/17 12:0 a.m.35 views

openSUSE Security Update : squid (openSUSE-2016-988)

The Squid HTTP proxy has been updated to version 3.3.14, fixing the following security issues : - Fixed multiple Denial of Service issues in HTTP Response processing. CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc968392, bsc968393, bsc968394, bsc968395 - CVE-2016-3947: Buffer...

8.8CVSS6.9AI score0.79969EPSS
Exploits2References34
OpenVAS
OpenVAS
added 2016/08/02 12:0 a.m.40 views

Fedora Update for squid FEDORA-2016-b3b9407940

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7AI score0.79969EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2016/07/15 12:0 a.m.40 views

Fedora 24 : 7:squid (2016-95edf19d8a)

Bugfix ---- Security fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556 ---- Security fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 ---- Security fix for CVE-2016-3947 and CVE-2016-3948 Note that Tenable Network Security has extracted the preceding description...

8.8CVSS6.7AI score0.79969EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2016/07/15 12:0 a.m.35 views

Fedora 23 : 7:squid (2016-b3b9407940)

Security fix for CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556 ---- Security fix for CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 ---- Security fix for CVE-2016-3947 and CVE-2016-3948 ---- Security fix for CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572 Note tha...

8.8CVSS6.5AI score0.79969EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2016/07/11 12:0 a.m.33 views

GLSA-201607-01 : Squid: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201607-01 Squid: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Squid. Please review the CVE identifiers referenced below for details. Impact : An attacker can possibly execute arbitrary code or create a...

8.8CVSS7.1AI score0.79969EPSS
Exploits1References16
Check Point Advisories
Check Point Advisories
added 2016/05/19 12:0 a.m.6 views

Squid HTTP Response Processing Denial of Service (CVE-2016-3948)

The vulnerability is due to improper bounds checking while processing HTTP responses. A remote, unauthenticated attacker can exploit this vulnerability by returning crafted HTTP responses to the vulnerable proxy server. Successful exploitation of the vulnerability could lead to denial-of-service...

5CVSS1.5AI score0.35265EPSS
Exploits0
OSV
OSV
added 2016/04/07 6:59 p.m.8 views

CVE-2016-3948

Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers...

7.5CVSS7.4AI score
Exploits0References9
CVE
CVE
added 2016/04/07 6:0 p.m.105 views

CVE-2016-3948

CVE-2016-3948 affects Squid 3.x before 3.5.16 and 4.x before 4.0.8, where insufficient bounds checking on HTTP Vary headers allows remote attackers to cause a denial of service via a crafted HTTP response. Related advisories show fixes in newer Squid releases (e.g., 3.5.20 and 4.x series updates)...

7.5CVSS7.2AI score0.35265EPSS
Exploits0References9Affected Software1
Mageia
Mageia
added 2016/04/06 2:9 p.m.37 views

Updated squid packages fix security vulnerabilities

Updated squid packages fix security vulnerabilities: Due to a buffer overrun, the Squid pinger binary in Squid before 3.5.16 is vulnerable to a denial of service or information leak attack when processing ICMPv6 packets. This bug also permits the server response to manipulate other ICMP and ICMPv...

8.2CVSS0.8AI score0.35265EPSS
Exploits0References3
NVD
NVD
added 2016/01/15 3:59 a.m.15 views

CVE-2015-3948

Cross-site scripting XSS vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.7AI score0.00969EPSS
Exploits0References1
CVE
CVE
added 2016/01/15 2:0 a.m.66 views

CVE-2015-3948

Summary : CVE-2015-3948 is a cross-site scripting (XSS) vulnerability in Advantech WebAccess prior to 8.1. The issue allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. According to NVD, the CVSS base score (v3) is 5.4 (Medium) with network access, lo...

5.4CVSS5.1AI score0.00969EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2016/01/15 2:0 a.m.20 views

CVE-2015-3948

Cross-site scripting XSS vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

5.3AI score0.00969EPSS
Exploits0References1
Rows per page
Query Builder