Lucene search
K

14 matches found

NVD
NVD
added 2026/01/29 10:15 p.m.9 views

CVE-2026-25116

Runtipi is a personal homeserver orchestrator. Starting in version 4.5.0 and prior to version 4.7.2, an unauthenticated Path Traversal vulnerability in the UserConfigController allows any remote user to overwrite the system's docker-compose.yml configuration file. By exploiting insecure URN...

8.8CVSS0.00566EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2025/11/18 12:0 a.m.5 views

Squid Heap Buffer Overflow

Squid versions prior to 6.4 suffer from a heap-based buffer overflow that is triggered during URN Trivial-HTTP response handling...

9.8CVSS7.3AI score0.22744EPSS
Exploits1
OSV
OSV
added 2025/09/05 12:48 p.m.5 views

CLSA-2025-1757076484 squid: Fix of CVE-2025-54574

CVE-2025-54574: fix buffer overflow in URN handling...

9.8CVSS6AI score0.22744EPSS
Exploits1References1
OSV
OSV
added 2025/09/04 8:8 p.m.8 views

CLSA-2025-1757016520 squid34: Fix of CVE-2025-54574

CVE-2025-54574: fix buffer overflow in URN handling...

9.8CVSS7.5AI score0.22744EPSS
Exploits1References1
Veracode
Veracode
added 2025/08/25 8:28 a.m.6 views

Heap Buffer Overflow

libsquid.so is vulnerable to Heap Buffer Overflow. The vulnerability is due to improper buffer management when processing URN requests, which may allow remote code execution...

9.8CVSS7.9AI score0.22744EPSS
Exploits1References5Affected Software1
RedHat Linux
RedHat Linux
added 2025/08/25 1:54 a.m.4 views

squid: denial of service in URN processing

An input validation flaw was found in Squid. This issue could allow a malicious server in collaboration with a trusted client to consume arbitrarily large amounts of memory on the server running Squid. The highest threat from this vulnerability is to system availability...

7.5CVSS5.8AI score0.0745EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-54574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when...

9.8CVSS8.8AI score0.22744EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/08/04 12:0 a.m.7 views

The vulnerability of the Squid proxy server, related to buffer overflows in the dynamic memory when processing URN headers, allows attackers to execute arbitrary code.

The vulnerability of the Squid proxy server is related to the overflow of buffers in the dynamic memory during the processing of URN headers. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted HTTP requests...

9.3CVSS8.1AI score0.22744EPSS
Exploits1References7Affected Software4
OSV
OSV
added 2025/08/01 6:15 p.m.5 views

UBUNTU-CVE-2025-54574

Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access...

9.8CVSS7.8AI score0.22744EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/01/08 8:23 a.m.5 views

squid-cache: Squid Buffer Overflow

A heap-based buffer overflow flaw was found in the Squid caching proxy. When processing the Uniform Resource Name URNs, specific conditions can lead to remote code execution...

9.8CVSS6.3AI score0.22744EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.2 views

SUSE CVE-2019-12523

An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers,...

7.4CVSS6.9AI score0.04302EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2020/11/04 1:45 a.m.3 views

squid: Improper input validation in URI processor

An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers,...

9.1CVSS5.8AI score0.04302EPSS
Exploits0References5
OSV
OSV
added 2019/11/26 5:15 p.m.2 views

DEBIAN-CVE-2019-12526

An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data...

9.8CVSS7.2AI score0.20251EPSS
Exploits0References1
OSV
OSV
added 2019/11/26 5:15 p.m.2 views

UBUNTU-CVE-2019-12526

An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data...

9.8CVSS7AI score0.20251EPSS
Exploits0References4
Rows per page
Query Builder