Lucene search
K

178 matches found

Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.3 views

PT-2024-3703 · Pccx26 +5 · Pccx26 +5

Name of the Vulnerable Software and Affected Versions: CPC80 Central Processing/Communication versions prior to V16.41 CPCI85 Central Processing/Communication versions prior to V5.30 CPCX26 Central Processing/Communication versions prior to V06.02 ETA4 Ethernet Interface IEC60870-5-104 versions...

7.8CVSS7.9AI score0.00468EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2024/05/09 12:0 a.m.49 views

RHEL 8 : squid:4 (RHSA-2024:2777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2777 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: denial of...

8.6CVSS7.1AI score0.88864EPSS
Exploits0References6
OSV
OSV
added 2024/05/01 4:15 p.m.2 views

ALPINE-CVE-2023-49606

A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make ...

9.8CVSS8.4AI score0.63076EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/04/24 12:0 a.m.5 views

Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞

Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance are both products of Cisco, Inc.Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. Cisco Adaptive Security Appliance is a network appliance. Used to protect corpora...

8.6CVSS6.6AI score0.70686EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2024/04/24 12:0 a.m.33 views

CVE-2024-20353

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS condition. This...

8.6CVSS7AI score0.70686EPSS
In wildExploits1References2
Ubuntu
Ubuntu
added 2024/04/23 11:20 a.m.72 views

USN-6728-3: Squid vulnerability

USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update. We apologize for the inconvenience...

8.6CVSS6.5AI score0.05229EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/12 12:0 a.m.37 views

Oracle Linux 7 : squid (ELSA-2024-1787)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1787 advisory. - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manag...

8.6CVSS6.9AI score0.95785EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2024/04/10 12:0 a.m.61 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Squid vulnerabilities (USN-6728-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6728-1 advisory. Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to caus...

8.6CVSS6.8AI score0.88864EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2024/04/08 12:0 a.m.47 views

SUSE SLES15 Security Update : squid (SUSE-SU-2024:1114-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1114-1 advisory. - CVE-2024-25617: Fixes denial of service in HTTP header parser bsc1219960 - CVE-2024-25111: Fixes Chunked Encoding Stack Overflow...

8.6CVSS6.8AI score0.88864EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/04/08 12:0 a.m.27 views

SUSE SLES15 / openSUSE 15 Security Update : squid (SUSE-SU-2024:1113-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1113-1 advisory. - CVE-2024-25617: Fixes denial of service in HTTP header parser bsc1219960 - CVE-2024-25111: Fixes Chunked Encoding...

8.6CVSS6.8AI score0.88864EPSS
Exploits0References7
OSV
OSV
added 2024/03/31 3:27 a.m.20 views

MGASA-2024-0102 Updated squid packages fix security vulnerabilities

Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squ...

8.6CVSS7AI score0.88864EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/03/21 12:0 a.m.50 views

Oracle Linux 8 : squid:4 (ELSA-2024-1375)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1375 advisory. - Resolves: RHEL-19551 - squid:4/squid: denial of service in HTTP request parsing CVE-2023-50269 - Resolves: RHEL-28611 - squid:4/squid: Denial of...

8.6CVSS6.9AI score0.88864EPSS
Exploits0References4
NVD
NVD
added 2024/03/20 5:15 a.m.19 views

CVE-2024-22081

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism...

9.8CVSS6.8AI score0.00785EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/20 12:0 a.m.14 views

CVE-2024-22081

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism...

7.1AI score0.00785EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/20 12:0 a.m.21 views

CVE-2024-22081

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism...

7AI score0.00785EPSS
Exploits0References1
CVE
CVE
added 2024/03/20 12:0 a.m.56 views

CVE-2024-22081

CVE-2024-22081 affects Elspec G5 digital fault recorder versions 1.1.4.15 and earlier, with unauthenticated memory corruption possible in the HTTP header parsing mechanism. The issue is described across multiple sources (RH, NVD, Tenable/NASL, CVE lists) as a memory corruption vulnerability explo...

9.8CVSS7.1AI score0.00785EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/19 12:0 a.m.4 views

PT-2024-19192 · Elspec · Elspec G5 Digital Fault Recorder

Name of the Vulnerable Software and Affected Versions: Elspec G5 digital fault recorder versions 1.1.4.15 and before Description: An issue was discovered in the HTTP header parsing mechanism, allowing unauthenticated memory corruption to occur. Recommendations: For Elspec G5 digital fault recorde...

9.8CVSS7.2AI score0.00785EPSS
Exploits0References3
OSV
OSV
added 2024/03/18 7:10 p.m.8 views

CLSA-2024-1710789017 Fix CVE(s): CVE-2024-25617

SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values - CVE-2024-25617...

7.5CVSS5.8AI score0.88864EPSS
Exploits0References1
OSV
OSV
added 2024/03/14 5:14 p.m.6 views

CLSA-2024-1710436449 Fix CVE(s): CVE-2024-25617

SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values - CVE-2024-25617...

7.5CVSS6.8AI score0.88864EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/02/29 7:47 p.m.1 views

python-aiohttp: numerous issues in HTTP parser with header parsing

An HTTP request smuggling vulnerability was found in aiohttp. Numerous issues with HTTP parsing can allow an attacker to smuggle HTTP requests...

7.5CVSS7.1AI score0.0085EPSS
Exploits1References5
Rows per page
Query Builder