94 matches found
Amazon Linux 2023 : squid (ALAS2023-2024-578)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-578 advisory. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing...
ROS-20240329-02
A vulnerability in the Squid proxy server is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Amazon Linux 2 : squid (ALAS-2024-2433)
The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2433 advisory. Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial...
Medium: squid
Issue Overview: Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error page...
SUSE SLES12 Security Update : squid (SUSE-SU-2024:0296-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0296-1 advisory. - Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1...
SUSE SLES15 Security Update : squid (SUSE-SU-2024:0298-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0298-1 advisory. - Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1...
CVE-2024-23638
Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pages for Client...
CVE-2024-23638
Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pages for Client...
Design/Logic Flaw
Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pages for Client...
CVE-2024-23638 SQUID-2023:11 Denial of Service in Cache Manager
Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pages for Client...
CVE-2023-48696
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include components in host class,...
Null pointer dereference
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host...
CVE-2023-48698 Azure RTOS USBX Remote Code Execution Vulnerability
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host...
CVE-2023-48694
CVE-2023-48694 : Azure RTOS USBX contains an expired pointer dereference and type confusion vulnerability that can lead to remote code execution. Affected: USBX in RTOS v6.2.1 and earlier (host stack, host class, device-linked classes such as ASIX, Prolific, SWAR, audio, CDC ECM). Root cause: poi...
CVE-2023-48694 Azure RTOS USBX Remote Code Execution Vulnerability
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference and type confusion vulnerabilities in Azure RTOS USBX. The affected components include...
Azure RTOS USBX Security Vulnerability
Azure RTOS USBX is a USB host, device, and mobile OTG embedded stack for Azure RTOS open source. Fully integrated with Azure RTOS ThreadX, it is available for all processors that support Azure RTOS ThreadX. A security vulnerability exists in Azure RTOS USBX versions prior to 6.3.0 that stems from...
PT-2023-7500 · Microsoft · Azure Rtos Usbx
Name of the Vulnerable Software and Affected Versions: Azure RTOS USBX versions prior to 6.3.0 Description: The issue is related to expired pointer dereference vulnerabilities in Azure RTOS USBX, which can lead to remote code execution. The affected components include functions and processes in t...
CVE-2023-26463
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...
AZL-26300 CVE-2023-26463 affecting package strongswan for versions less than 5.9.10-1
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...
Null pointer dereference
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...