178 matches found
PT-2024-3703 · Pccx26 +5 · Pccx26 +5
Name of the Vulnerable Software and Affected Versions: CPC80 Central Processing/Communication versions prior to V16.41 CPCI85 Central Processing/Communication versions prior to V5.30 CPCX26 Central Processing/Communication versions prior to V06.02 ETA4 Ethernet Interface IEC60870-5-104 versions...
RHEL 8 : squid:4 (RHSA-2024:2777)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2777 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: denial of...
ALPINE-CVE-2023-49606
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make ...
Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞
Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance are both products of Cisco, Inc.Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. Cisco Adaptive Security Appliance is a network appliance. Used to protect corpora...
CVE-2024-20353
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS condition. This...
USN-6728-3: Squid vulnerability
USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update. We apologize for the inconvenience...
Oracle Linux 7 : squid (ELSA-2024-1787)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1787 advisory. - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manag...
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Squid vulnerabilities (USN-6728-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6728-1 advisory. Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to caus...
SUSE SLES15 Security Update : squid (SUSE-SU-2024:1114-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1114-1 advisory. - CVE-2024-25617: Fixes denial of service in HTTP header parser bsc1219960 - CVE-2024-25111: Fixes Chunked Encoding Stack Overflow...
SUSE SLES15 / openSUSE 15 Security Update : squid (SUSE-SU-2024:1113-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1113-1 advisory. - CVE-2024-25617: Fixes denial of service in HTTP header parser bsc1219960 - CVE-2024-25111: Fixes Chunked Encoding...
MGASA-2024-0102 Updated squid packages fix security vulnerabilities
Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squ...
Oracle Linux 8 : squid:4 (ELSA-2024-1375)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1375 advisory. - Resolves: RHEL-19551 - squid:4/squid: denial of service in HTTP request parsing CVE-2023-50269 - Resolves: RHEL-28611 - squid:4/squid: Denial of...
CVE-2024-22081
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism...
CVE-2024-22081
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism...
CVE-2024-22081
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism...
CVE-2024-22081
CVE-2024-22081 affects Elspec G5 digital fault recorder versions 1.1.4.15 and earlier, with unauthenticated memory corruption possible in the HTTP header parsing mechanism. The issue is described across multiple sources (RH, NVD, Tenable/NASL, CVE lists) as a memory corruption vulnerability explo...
PT-2024-19192 · Elspec · Elspec G5 Digital Fault Recorder
Name of the Vulnerable Software and Affected Versions: Elspec G5 digital fault recorder versions 1.1.4.15 and before Description: An issue was discovered in the HTTP header parsing mechanism, allowing unauthenticated memory corruption to occur. Recommendations: For Elspec G5 digital fault recorde...
CLSA-2024-1710789017 Fix CVE(s): CVE-2024-25617
SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values - CVE-2024-25617...
CLSA-2024-1710436449 Fix CVE(s): CVE-2024-25617
SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values - CVE-2024-25617...
python-aiohttp: numerous issues in HTTP parser with header parsing
An HTTP request smuggling vulnerability was found in aiohttp. Numerous issues with HTTP parsing can allow an attacker to smuggle HTTP requests...