
104 matches found

NVD
added 2021/05/27 12:15 p.m. | 12 views

CVE-2021-28652

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that, over time, lead to a Denial of Service via an unspecified short que...

CVSS 4.9 | EPSS 0.00642
Exploits: 1 | References: 8

Prion
added 2021/05/27 12:15 p.m. | 67 views

Privilege escalation

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that, over time, lead to a Denial of Service via an unspecified short que...

CVSS 4 | AI score 6 | EPSS 0.00642
Exploits: 1 | References: 8 | Affected Software: 3

UbuntuCve
added 2021/05/27 12:15 p.m. | 38 views

CVE-2021-28652

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that, over time, lead to a Denial of Service via an unspecified short que...

CVSS 4.9 | AI score 6.8 | EPSS 0.00642
Exploits: 1 | References: 3

OSV
added 2021/05/27 12:15 p.m. | 1 view

UBUNTU-CVE-2021-28652

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that, over time, lead to a Denial of Service via an unspecified short que...

CVSS 4.9 | AI score 6.7 | EPSS 0.00642
Exploits: 1 | References: 4

Debian CVE
added 2021/05/27 12:00 a.m. | 25 views

CVE-2021-28652

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that, over time, lead to a Denial of Service via an unspecified short que...

CVSS 4.9 | AI score 6.5 | EPSS 0.00642
Exploits: 1

AlpineLinux
added 2021/05/27 12:00 a.m. | 31 views

CVE-2021-28652

An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that, over time, lead to a Denial of Service via an unspecified short que...

CVSS 4.9 | AI score 6.3 | EPSS 0.00642
Exploits: 1

CVE
added 2021/05/27 12:00 a.m. | 353 views

CVE-2021-28652

CVE-2021-28652 concerns Squid before 4.15 and 5.x before 5.0.6. The issue stems from incorrect parser validation, allowing a Denial of Service attack against the Cache Manager API. A trusted client with Cache Manager API access can trigger memory leaks that, over time, lead to a DoS via an unspec...

CVSS 4.9 | AI score 5.9 | EPSS 0.00642
Exploits: 1 | References: 8 | Affected Software: 1

RedhatCVE
added 2021/05/19 3:54 p.m. | 56 views

CVE-2021-28652

A flaw was found in Squid. A parser validation bug could allow a trusted client with Cache Manager API access privileges to trigger memory leaks, potentially resulting in a denial of service against Squid. The highest threat from this vulnerability is to system availability. Mitigation To mitigat...

CVSS 6.8 | AI score 3.1 | EPSS 0.00642
Exploits: 1 | References: 4

Veracode
added 2021/05/15 12:52 a.m. | 26 views

Denial Of Service (DoS)

Squid is vulnerable to denial of service (DoS). The vulnerability exists through improper parser validation, allowing a trusted client to cause memory leaks through the Cache Manager API...

CVSS 4.9 | AI score 4.3 | EPSS 0.00642
Exploits: 1 | References: 14 | Affected Software: 8

OSV
added 2021/03/31 6:15 p.m. | 0 views

CVE-2021-21983

Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API to write files to arbitrary locations on the underlying Photon operating system...

CVSS 6.5 | AI score 7.2
Exploits: 0 | References: 2

CVE
added 2021/03/31 5:50 p.m. | 360 views

CVE-2021-21983

CVE-2021-21983 is an authenticated arbitrary file write vulnerability in the VMware vRealize Operations Manager API (pre-8.4). A network‑accessible attacker can leverage the API to write files to arbitrary locations on the underlying Photon OS, potentially enabling code execution as illustrated i...

CVSS 8.5 | AI score 6.8 | EPSS 0.83177
In wild | Exploits: 9 | References: 2 | Affected Software: 3

ATTACKERKB
added 2021/03/31 12:00 a.m. | 85 views

CVE-2021-21975

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a Server Side Request Forgery attack to steal administrative credentials. Recent assessments: wvu-r7 at Mar...

CVSS 8.5 | AI score 6.9 | EPSS 0.94419
In wild | Exploits: 12 | References: 3

Cvelist
added 2020/11/23 7:00 p.m. | 13 views

CVE-2020-7927 Potential privilege escalation in Ops Manager API

Specially crafted API calls may allow an authenticated user who holds Organization Owner privilege to obtain an API key with Global Role privilege. This issue affects MongoDB Ops Manager v4.2 versions prior to and including 4.2.17, MongoDB Ops Manager v4.3 versions prior to and including 4.3.9 an...

CVSS 8.1 | AI score 8 | EPSS 0.00554
Exploits: 0 | References: 1

OSV
added 2020/08/17 7:15 p.m. | 0 views

CVE-2020-1528

An elevation of privilege vulnerability exists when the Windows Radio Manager API improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...

CVSS 7.8 | AI score 7.2 | EPSS 0.11602
Exploits: 0 | References: 1

NVD
added 2020/08/17 7:15 p.m. | 16 views

CVE-2020-1528

An elevation of privilege vulnerability exists when the Windows Radio Manager API improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...

CVSS 7.8 | AI score 8.5 | EPSS 0.11602
Exploits: 0 | References: 1

CVE
added 2020/08/17 7:13 p.m. | 116 views

CVE-2020-1528

CVE-2020-1528 concerns an elevation of privilege in Windows related to the Windows Radio Manager API improperly handling memory. The vulnerability requires an attacker to gain code execution on the victim and then run a crafted application to elevate privileges; Microsoft’s security update fixes ...

CVSS 7.8 | AI score 8 | EPSS 0.11602
Exploits: 0 | References: 1 | Affected Software: 3

Tenable Nessus
added 2020/08/11 12:00 a.m. | 60 views

KB4565351: Windows 10 Version 1903 and Windows 10 Version 1909 August 2020 Security Update

The remote Windows host is missing security update 4565351. It is, therefore, affected by multiple vulnerabilities: - A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could instal...

CVSS 10 | AI score 8.2 | EPSS 0.91733
Exploits: 11 | References: 90

Tenable Nessus
added 2020/08/11 12:00 a.m. | 54 views

KB4571709: Windows 10 Version 1803 August 2020 Security Update

The remote Windows host is missing security update 4571709. It is, therefore, affected by multiple vulnerabilities: - A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could instal...

CVSS 9.3 | AI score 8.2 | EPSS 0.91733
Exploits: 11 | References: 86

Tenable Nessus
added 2020/08/11 12:00 a.m. | 59 views

KB4571741: Windows 10 Version 1709 August 2020 Security Update

The remote Windows host is missing security update 4571741. It is, therefore, affected by multiple vulnerabilities: - A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could instal...

CVSS 9.3 | AI score 8.2 | EPSS 0.91733
Exploits: 11 | References: 82

Tenable Nessus
added 2020/08/11 12:00 a.m. | 132 views

KB4565349: Windows 10 Version 1809 and Windows Server 2019 August 2020 Security Update

The remote Windows host is missing security update 4565349. It is, therefore, affected by multiple vulnerabilities: - A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could instal...

CVSS 10 | AI score 8.6 | EPSS 0.9438
Exploits: 86 | References: 79