70 matches found
MiracleLinux 9 : squid-5.2-1.el9.2 (AXSA:2022-4089:04)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4089:04 advisory. squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 8 : squid:4 (AXSA:2022-3877:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3877:01 advisory. squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 7 : squid-3.5.20-17.el7.8 (AXSA:2022-3878:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3878:02 advisory. squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 Tenable has extracted the preceding description block directly from the MiracleLinux...
EUVD-2025-41318
Malicious code in citra-mieaceh32-riris npm...
CVE-2021-41318
In Progress WhatsUp Gold prior to version 21.1.0, an application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser...
Alibaba Cloud Linux 3 : 0166: squid:4 (ALINUX3-SA-2022:0166)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0166 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-41318: RESERVED This candidate has been...
CVE-2024-41318
creationtimestamp | type | source
---|---|---
2024-07-22 16:59:30+00:00 | seen | https://t.me/cvedetector/1440...
CVE-2024-41318
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function...
CVE-2024-41318
TOTOLINK A6000R V1.0.1-B20201211.2000 is affected by a command‑injection vulnerability in the apcli_wps_gen_pincode function via the ifname parameter. The issue allows injecting commands and can lead to remote execution over the network. Affected product: TOTOLINK A6000R (firmware v1.0.1-B2020121...
Ubuntu: Security Advisory (USN-6857-1)
The remote host is missing an update for the...
USN-6857-1: Squid vulnerabilities
Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to cause Squid to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2021-28651 It was discovered that Squid...
Rocky Linux 9 : squid (RLSA-2022:6839)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6839 advisory. - A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpe...
Amazon Linux 2 : squid (ALASSQUID4-2023-001)
The version of squid installed on the remote host is prior to 4.15-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2SQUID4-2023-001 advisory. A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerabl...
Important: squid
Issue Overview: A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure or a denial of service. CVE-2022-41318 Affected Packages: squid Note: This advisory i...
CVE-2023-41318
creationtimestamp | type | source
---|---|---
2023-09-09 05:10:35+00:00 | seen | https://t.me/cibsecurity/70170...
CVE-2023-41318
CVE-2023-41318 affects matrix-media-repo and concerns an SVG/script execution vulnerability when a malicious media is uploaded and served with Content-Disposition: inline. Affected component is the matrix-media-repo media repository; the underlying cause is unsafe handling of media that can lead ...
CVE-2023-41318 Unsafe media served inline on download endpoints in matrix-media-repo
matrix-media-repo is a highly customizable multi-domain media repository for the Matrix chat ecosystem. In affected versions an attacker could upload a malicious piece of media to the media repo, which would then be served with Content-Disposition: inline upon download. This vulnerability could b...
Huawei EulerOS: Security Advisory for squid (EulerOS-SA-2023-1515)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP5 : squid (EulerOS-SA-2023-1515)
According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB...
SUSE CVE-2022-41318
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...