Lucene search
K

410 matches found

CNNVD
CNNVD
added 2025/06/19 12:0 a.m.4 views

Apache Traffic Server(ATS) 资源管理错误漏洞

Apache Traffic Server ATS is the United States Apache Apache Foundation's set of scalable HTTP proxy and caching server. A resource management error vulnerability exists in Apache Traffic Server ATS versions 10.0.0 through 10.0.5 and 9.0.0 through 9.2.10, which stems from the ESI plugin not...

7.5CVSS6.8AI score0.00632EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 5:57 a.m.5 views

CVE-2023-4372

The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'esi' shortcode in versions up to, and including, 5.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

6.4CVSS6.1AI score0.19684EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2025/03/19 12:0 a.m.7 views

RHEL 9 : squid (RHSA-2024:9625)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9625 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of...

7.5CVSS7.3AI score0.45289EPSS
Exploits0References4
OSV
OSV
added 2025/01/14 1:9 p.m.5 views

CLSA-2025-1736860159 squid: Fix of 2 CVEs

CVE-2024-23638: Fix Denial of Service attack against Cache Manager error responses - CVE-2024-37894: Fix Out-of-bounds Write error when assigning ESI variables...

6.5CVSS6.8AI score0.6005EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-25773 · Apache +1 · Apache Traffic Server +1

Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 9.0.0 through 9.2.10 Apache Traffic Server versions 10.0.0 through 10.0.5 Description: The issue allows excessive memory consumption if malicious instructions are inserted due to the lack of a limit for maximum...

7.5CVSS6.1AI score0.00632EPSS
Exploits0References33
RedhatCVE
RedhatCVE
added 2024/12/29 2:49 p.m.12 views

CVE-2024-56620

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace:...

5.5CVSS6.7AI score0.00202EPSS
Exploits0References4
NVD
NVD
added 2024/12/27 3:15 p.m.18 views

CVE-2024-56620

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace:...

5.5CVSS0.00202EPSS
Exploits0References3
OSV
OSV
added 2024/12/27 3:15 p.m.6 views

AZL-55183 CVE-2024-56620 affecting package kernel for versions less than 6.6.90.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace:...

5.5CVSS6.7AI score0.00202EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.1 views

UBUNTU-CVE-2024-56620

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace:...

5.5CVSS6.2AI score0.00202EPSS
Exploits0References19
Cvelist
Cvelist
added 2024/12/27 2:51 p.m.23 views

CVE-2024-56620 scsi: ufs: qcom: Only free platform MSIs when ESI is enabled

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace:...

0.00202EPSS
Exploits0References3
CVE
CVE
added 2024/12/27 2:51 p.m.128 views

CVE-2024-56620

In CVE-2024-56620, the Linux kernel fix targets the SCSI: ufs: qcom path. The bug occurs when platform MSI resources are freed even if ESI is not enabled, leading to a NULL pointer dereference (Unable to handle kernel NULL pointer dereference at 0x8) during device removal. The impact is a local f...

5.5CVSS6.4AI score0.00202EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2024/12/27 2:51 p.m.9 views

CVE-2024-56620

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace:...

5.5CVSS5.6AI score0.00202EPSS
Exploits0
CNNVD
CNNVD
added 2024/12/27 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference issue in the scsi ufs driver caused by not properly releasing platform MSIs when...

5.5CVSS6.5AI score0.00202EPSS
Exploits0References2
Redos
Redos
added 2024/12/03 12:0 a.m.10 views

ROS-20241203-14

Squid proxy server vulnerability is related to errors in input data processing. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by sending specially crafted ESI packets. specially crafted ESI packets...

7.5CVSS7.2AI score0.45289EPSS
Exploits0
OSV
OSV
added 2024/11/27 10:41 a.m.5 views

CLSA-2024-1732704094 squid: Fix of CVE-2024-45802

CVE-2024-45802: disable ESI...

7.5CVSS7.1AI score0.45289EPSS
Exploits0References1
CloudLinux
CloudLinux
added 2024/11/27 10:12 a.m.18 views

squid: Fix of CVE-2024-45802

CVE-2024-45802: disable ESI...

7.5CVSS6.6AI score0.45289EPSS
Exploits0
CloudLinux
CloudLinux
added 2024/11/27 10:10 a.m.18 views

squid34: Fix of CVE-2024-45802

CVE-2024-45802: disable ESI...

7.5CVSS6.6AI score0.45289EPSS
Exploits0
OSV
OSV
added 2024/11/27 10:7 a.m.4 views

CLSA-2024-1732702046 squid: Fix of CVE-2024-45802

CVE-2024-45802: Fix DoS by a trusted server by disabling ESI...

7.5CVSS5.8AI score0.45289EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2024/11/20 12:0 a.m.25 views

squid security update

7:3.5.20-17.0.3 - Disable ESI support CVE-2024-45802Orabug: 37289058...

7.5CVSS6.9AI score0.45289EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/11/19 12:0 a.m.10 views

RockyLinux 8 : squid:4 (RLSA-2024:9644)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:9644 advisory. squid: vulnerable to a Denial of Service attack against Cache Manager error responses CVE-2024-23638 squid: Denial of Service processing ESI response...

7.5CVSS6.8AI score0.6005EPSS
Exploits1References5
Rows per page
Query Builder