169 matches found
Squid 安全漏洞
Squid is a suite of proxy server and web caching server software from Squid open source. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in Squid 7.1 and earlier versions, which stems from improper...
CVE-2025-59362
CVE-2025-59362 affects Squid up to version 7.1, due to mishandling of ASN.1 encoding of long SNMP OIDs in asn_build_objid (lib/snmplib/asn1.c). The issue is triggered by the ASN.1 encoding path and is described across multiple advisories/documentation in Connected documents. Impact according to t...
CVE-2025-59362
Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c...
CVE-2025-59362
Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c...
CVE-2025-42925
Due to the lack of randomness in assigning Object Identifiers in the SAP NetWeaver AS JAVA IIOP service, an authenticated attacker with low privileges could predict the identifiers by conducting a brute force search. By leveraging knowledge of several identifiers generated close to the same time,...
Linux Distros Unpatched Vulnerability : CVE-2023-2650
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...
Allocation of Resources Without Limits or Throttling
Overview org.bouncycastle:bcprov-ext-jdk15to18 is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by...
CVE-2025-8885 Possible DOS in processing specially formed ASN.1 Object Identifiers
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files...
CVE-2025-8885 Possible DOS in processing specially formed ASN.1 Object Identifiers
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files...
CVE-2018-20394
Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and TWG870 STB2.01.36 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests...
CLSA-2025-1744368964 openssl: Fix of CVE-2023-2650
Fix possible DoS translating ASN.1 object identifiers Resolves: CVE-2023-2650 - Release the DRBG in global default libctx early Resolves: rhbz2211340...
Azure Linux 3.0 Security Update: edk2 / hvloader / openssl / rust (CVE-2023-2650)
The version of edk2 / hvloader / openssl / rust installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2650 advisory. - Issue summary: Processing some specially crafted ASN.1 object identifiers or data...
net-snmp: Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously
A flaw was found in net-snmp. This issue occurs due to improper input validation when simultaneously setting malformed OIDs in the master agent and subagent...
net-snmp: Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously
A flaw was found in net-snmp. This issue occurs due to improper input validation when simultaneously setting malformed OIDs in the master agent and subagent...
PT-2024-5672 · Unknown · Netcat Cms
Name of the Vulnerable Software and Affected Versions: Netcat CMS affected versions not specified Description: The issue exists due to inadequate protection of the web page structure, specifically affecting the component id and object id parameters of the landing module in the Netcat CMS system...
dotnet: DoS when parsing X.509 Content and ObjectIdentifiers
A vulnerability was found in dotNET when Parsing X.509 Content and ObjectIdentifiers. This issue can lead to a denial of service attack...
dotnet: DoS when parsing X.509 Content and ObjectIdentifiers
A vulnerability was found in dotNET when Parsing X.509 Content and ObjectIdentifiers. This issue can lead to a denial of service attack...