Lucene search
K

541 matches found

Positive Technologies
Positive Technologies
added 2025/02/19 12:0 a.m.5 views

PT-2025-7409 · Hitachi Vantara · Hitachi Vantara Pentaho Business Analytics Server

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.0 Hitachi Vantara Pentaho Business Analytics Server versions prior to 9.3.0.9 Hitachi Vantara Pentaho Business Analytics Server version 8.3.x Description: The web serv...

8.6CVSS7.2AI score0.00476EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/02/05 2:25 a.m.6 views

CVE-2024-24890

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in openEuler gala-gopher on Linux allows Command Injection. This vulnerability is associated with program files...

7.8CVSS7.7AI score0.01051EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/11/18 1:31 a.m.23 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this...

7.5CVSS7.1AI score0.45289EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2024/11/14 12:0 a.m.30 views

Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: vulnerable to a Denial of Service attack against Cache Manager error responses CVE-2024-23638 squid: Denial of Service processing ESI response content...

7.5CVSS6.8AI score0.6005EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.59 views

CentOS 7 : squid (RHSA-2024:1787)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1787 advisory. - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4...

8.6CVSS6.7AI score0.88864EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/08/27 6:31 p.m.16 views

Moderate: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

6.3CVSS6.6AI score0.06255EPSS
Exploits0References2
Gitee
Gitee
added 2024/04/26 3:33 p.m.104 views

Gopherus

This tool, Gopherus, is designed to generate gopher links for exploiting Server-Side Request Forgery SSRF and gaining Remote Code Execution RCE in various servers. The tool supports multiple protocols and services, including MySQL, PostgreSQL, FastCGI, Memcached, Redis, Zabbix, and SMTP. The tool...

7.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/04/12 12:0 a.m.37 views

Oracle Linux 7 : squid (ELSA-2024-1787)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1787 advisory. - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing 778 - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manag...

8.6CVSS6.9AI score0.95785EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2024/04/11 5:0 p.m.3 views

squid: NULL pointer dereference in the gopher protocol code

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid. This issue may lead to a remote denial ...

7.5CVSS5.8AI score0.05955EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/11 5:0 p.m.61 views

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.6CVSS6.8AI score0.88864EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/04/11 12:0 a.m.46 views

RHEL 7 : squid (RHSA-2024:1787)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1787 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: deni...

8.6CVSS7.1AI score0.88864EPSS
Exploits0References14
NVD
NVD
added 2024/03/25 7:15 a.m.9 views

CVE-2024-24890

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in openEuler gala-gopher on Linux allows Command Injection. This vulnerability is associated with program files...

7.8CVSS7.7AI score0.01051EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/03/25 7:9 a.m.18 views

CVE-2024-24890 Command injection in ioprobe of gala-gopher

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in openEuler gala-gopher on Linux allows Command Injection. This vulnerability is associated with program files...

7.8CVSS7.9AI score0.01051EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/03/25 7:9 a.m.12 views

CVE-2024-24890 Command injection in ioprobe of gala-gopher

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in openEuler gala-gopher on Linux allows Command Injection. This vulnerability is associated with program files...

7.8CVSS7.3AI score0.01051EPSS
Exploits0References6
CVE
CVE
added 2024/03/25 7:9 a.m.54 views

CVE-2024-24890

CVE-2024-24890 affects gala-gopher (openEuler) up to and including version 1.0.2, with an OS command injection in the ioprobe.c component of the eBPF-based probes framework. The vulnerability allows local command execution with low privileges and no user interaction, and has high impact on confid...

7.8CVSS7.7AI score0.01051EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/03/25 12:0 a.m.3 views

gala-gopher 安全漏洞

gala-gopher is a low overhead probing framework based on eBPF. A security vulnerability exists in gala-gopher version 1.0.2 and prior versions, which stems from an operating system command injection issue...

7.8CVSS7.1AI score0.01051EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/03/25 12:0 a.m.4 views

PT-2024-20646 · Linux +1 · Linux +2

Name of the Vulnerable Software and Affected Versions: openEuler gala-gopher versions through 1.0.2 Description: The issue is related to an Improper Neutralization of Special Elements used in an OS Command, also known as 'OS Command Injection', which allows Command Injection in openEuler...

7.8CVSS6.8AI score0.01051EPSS
Exploits0References11
OSV
OSV
added 2024/03/19 12:0 a.m.38 views

ALSA-2024:1376 Important: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: denial of service in HTTP header parser CVE-2024-25617 squid: Denial of Service in HTTP Chunked Decoding CVE-2024-25111 squid: denial of service in HTTP request...

8.6CVSS7.4AI score0.88864EPSS
Exploits0References8
OSV
OSV
added 2024/03/19 12:0 a.m.39 views

ALSA-2024:1375 Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: denial of service in HTTP header parser CVE-2024-25617 squid: Denial of Service in HTTP Chunked Decoding CVE-2024-25111 squid: denial of service in HTTP request...

8.6CVSS7.4AI score0.88864EPSS
Exploits0References8
AlmaLinux
AlmaLinux
added 2024/03/19 12:0 a.m.62 views

Important: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: denial of service in HTTP header parser CVE-2024-25617 squid: Denial of Service in HTTP Chunked Decoding CVE-2024-25111 squid: denial of service in HTTP request...

8.6CVSS7.3AI score0.88864EPSS
Exploits0References8
Rows per page
Query Builder