Lucene search
K

541 matches found

Fedora
Fedora
added 2021/04/06 12:16 a.m.42 views

[SECURITY] Fedora 34 Update: squid-4.14-1.fc34

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

8.6CVSS8.8AI score0.08161EPSS
Exploits0
Snyk
Snyk
added 2021/04/05 12:11 p.m.2 views

Regular Expression Denial of Service (ReDoS)

Overview locutus is a Locutus other languages' stadard libraries to JavaScript for fun and educational purposes Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the gopherparsedir function. PoC by Yeting Li var gopherparsedir =...

7.5CVSS6.7AI score0.01936EPSS
Exploits1References2
Hacker One
Hacker One
added 2020/12/06 2:20 a.m.20 views

Engel & Völkers Technology GmbH: Blind SSRF on infodesk.engelvoelkers.com via proxy.php

Summary: The application has a proxy.php file which basically accepts a parameter via url query parameter and passes it to fopen. However, it doesn't validate the parameter value prior to passing it to fopen- making it possible to influence what's being done. That said, because of code following...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/02 12:0 a.m.400 views

WonderCMS 3.1.3 Code Execution / Server-Side Request Forgery

Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2020/12/02 12:0 a.m.527 views

WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution

Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu...

9.8CVSS9.7AI score0.45221EPSS
Exploits2
OSV
OSV
added 2020/11/03 12:32 p.m.29 views

ALSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...

9.9CVSS9.2AI score0.7179EPSS
Exploits0References19
OSV
OSV
added 2020/11/03 12:32 p.m.36 views

RLSA-2020:4743 Moderate: squid:4 security, bug fix, and enhancement update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. The following packages have been upgraded to a later upstream version: squid 4.11. BZ1829467 Security Fixes: squid: Improper input validation in request allows for proxy manipulation...

8.5CVSS9.1AI score0.7179EPSS
Exploits0References19
Rockylinux
Rockylinux
added 2020/11/03 12:32 p.m.40 views

squid:4 security, bug fix, and enhancement update

An update is available for libecap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Squid is a high-performance proxy caching server for web clients, supporting...

9.9CVSS8.7AI score0.7179EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/09/04 12:0 a.m.31 views

Fedora: Security Advisory for squid (FEDORA-2020-73af8655eb)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS7.2AI score0.02526EPSS
Exploits0References2
Fedora
Fedora
added 2020/09/03 4:40 p.m.35 views

[SECURITY] Fedora 32 Update: squid-4.13-1.fc32

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

8.6CVSS7.8AI score0.05162EPSS
Exploits0
Gitee
Gitee
added 2020/06/26 11:0 a.m.3 views

Gopherus

This is a Python script for generating gopher links to exploit Server-Side Request Forgery SSRF vulnerabilities in various servers. The script is designed to be used with the Metasploit framework. The script defines several classes for different types of servers, including MySQL, FastCGI,...

7.4AI score
Exploits0
Fedora
Fedora
added 2020/05/16 3:40 a.m.46 views

[SECURITY] Fedora 32 Update: squid-4.11-1.fc32

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

9.8CVSS8.9AI score0.7179EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/05/06 12:0 a.m.37 views

RHEL 8 : squid:4 (RHSA-2020:2041)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2041 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid:...

9.8CVSS6.8AI score0.27246EPSS
Exploits0References8
Veracode
Veracode
added 2020/04/10 1:5 a.m.25 views

Denial Of Service (DoS)

Squid is vulnerable to denial of service DoS. A buffer overflow flaw was found in the way Squid parsed replies from remote Gopher servers. A remote user allowed to send Gopher requests to a Squid proxy could possibly use this flaw to cause the squid child process to crash or execute arbitrary cod...

6.8CVSS6.2AI score0.27454EPSS
Exploits0References27Affected Software1
Veracode
Veracode
added 2020/04/10 12:50 a.m.28 views

Cross-Site Scripting (XSS)

firefox is vulnerable to cross-site scripting XSS. A flaw was found in the way the Gopher parser in Firefox converted text into HTML. A malformed file name on a Gopher server could, when accessed by a victim running Firefox, allow arbitrary JavaScript to be executed in the context of the Gopher...

4.3CVSS1.8AI score0.02064EPSS
Exploits0References22Affected Software4
OpenVAS
OpenVAS
added 2020/04/04 12:0 a.m.34 views

Fedora: Security Advisory for squid (FEDORA-2020-790296a8f4)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8AI score
Exploits0References2
Fedora
Fedora
added 2020/04/03 6:3 p.m.38 views

[SECURITY] Fedora 30 Update: squid-4.10-3.fc30

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

7.5CVSS7.7AI score0.7179EPSS
Exploits0
Hacker One
Hacker One
added 2020/03/05 5:55 a.m.31 views

PlayStation: SSRF on image renderer

Summary: image.api.np.km.playstation.net allows image urls to be passed via the image parameter It is possible to use this endpoint to send Gopher requests that result in SMTP messages being sent Steps To Reproduce: 1. Create a Gopher redirect PHP file to save to your server ', 'RCPT TO: ', 'DATA...

Exploits0
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.36 views

Fedora Update for squid FEDORA-2019-9538783033

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1CVSS7.9AI score0.40982EPSS
Exploits0References2
Fedora
Fedora
added 2019/12/05 1:12 a.m.37 views

[SECURITY] Fedora 30 Update: squid-4.9-2.fc30

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

9.8CVSS8AI score0.74477EPSS
Exploits1
Rows per page
Query Builder