Lucene search

723 matches found

Prion
added 2016/05/10 7:59 p.m., 28 views

Double free

Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response...

5 CVSS | 6.8 AI score | 0.23112 EPSS
Exploits: 0 | References: 16 | Affected Software: 3
Cvelist
added 2016/05/10 7:0 p.m., 24 views

CVE-2016-4555

client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses...

7.7 AI score | 0.5392 EPSS
Exploits: 1 | References: 16
OSV
added 2016/05/10 12:0 a.m., 4 views

UBUNTU-CVE-2016-4556

Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response...

7.5 CVSS | 7.2 AI score | 0.23112 EPSS
Exploits: 0 | References: 4
OSV
added 2016/04/25 2:59 p.m., 3 views

CVE-2016-4054

Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses...

8.1 CVSS | 9.1 AI score
Exploits: 0 | References: 15
OSV
added 2016/04/25 2:59 p.m., 7 views

CVE-2016-4053

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization...

3.7 CVSS | 8.1 AI score
Exploits: 0 | References: 17
Prion
added 2016/04/25 2:59 p.m., 18 views

Stack overflow

Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses...

6.8 CVSS | 8.2 AI score | 0.10227 EPSS
Exploits: 0 | References: 17 | Affected Software: 2
Cvelist
added 2016/04/25 2:0 p.m., 18 views

CVE-2016-4054

Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses...

8.8 AI score | 0.7404 EPSS
Exploits: 0 | References: 15
EUVD
added 2016/04/25 2:0 p.m., 3 views

EUVD-2016-5055

Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses...

8.1 CVSS | 8.8 AI score | 0.10227 EPSS
Exploits: 0 | References: 22
Debian CVE
added 2016/04/25 2:0 p.m., 28 views

CVE-2016-4052

Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses...

8.1 CVSS | 8.9 AI score | 0.10227 EPSS
Exploits: 0
OSV
added 2016/04/25 12:0 a.m., 1 views

UBUNTU-CVE-2016-4054

Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses...

8.1 CVSS | 7.7 AI score | 0.7404 EPSS
Exploits: 0 | References: 4
OSV
added 2016/04/25 12:0 a.m., 5 views

UBUNTU-CVE-2016-4053

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization...

3.7 CVSS | 6.7 AI score | 0.11426 EPSS
Exploits: 0 | References: 4
OSV
added 2016/04/25 12:0 a.m., 3 views

UBUNTU-CVE-2016-4052

Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses...

8.1 CVSS | 7.9 AI score | 0.10227 EPSS
Exploits: 0 | References: 5
Openbugbounty
added 2016/04/06 2:56 p.m., 13 views

uspenie.paskha.ru XSS vulnerability

Vulnerable URL: http://uspenie.paskha.ru/includes/player.php?url="

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 26.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | Unknown / Not calculated
Google Pagerank | 3
VIP website status: | N...

6.3 AI score
Exploits: 0
Patchstack
added 2016/03/25 12:0 a.m., 24 views

WordPress <= 4.2.1 - XSS

This vulnerability in wp-includes/wp-db.php allows an attacker to inject arbitrary web script or HTML via a long comment which is improperly stored because there are some limitations on the MySQL TEXT data type.

Solution: Update WordPress...

6.1 CVSS | 1.8 AI score | 0.01784 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
CNVD
added 2016/03/03 12:0 a.m., 2 views

Squid Denial of Service Vulnerability (CNVD-2016-01441)

Squid (full name Squid Cache) is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A security vulnerability exists in the Edge Side Includes (ESI) parser in Squid versions 3.x prior...

7.5 CVSS | 8.1 AI score | 0.09025 EPSS
Exploits: 0 | References: 1
OSV
added 2016/02/27 5:59 a.m., 7 views

CVE-2016-2570

The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and...

7.5 CVSS | 7.4 AI score
Exploits: 0 | References: 11
OSV
added 2016/02/27 12:0 a.m., 1 views

UBUNTU-CVE-2016-2570

The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and...

7.5 CVSS | 7.3 AI score | 0.09025 EPSS
Exploits: 0 | References: 4
Packet Storm
added 2016/02/12 12:0 a.m., 27 views

SIMOGEO FileManager 2.3.0 Path Traversal

Exploit Title: SIMOGEO FileManager 2.3.0 - Path Traversal Vulnerability
Date: 2015-12-09
Exploit Author: HaHwul
Exploit Author Blog: http://www.codeblack.net
Vendor Homepage: https://github.com/simogeo/Filemanager
Software Link: git clone http://github.com/simogeo/Filemanager.git
Version: 2.3.0...

7.4 AI score
Exploits: 0
Patchstack
added 2016/01/08 12:0 a.m., 21 views

WordPress <= 4.4.0 - Multiple XSS

Multiple cross-site scripting vulnerabilities were found in wp-includes/class-wp-theme.php. These vulnerabilities allow attackers to inject arbitrary web script or HTML via a (1) stylesheet name or (2) template name to wp-admin/customize.php.

Solution: Upgrade WordPress...

6.1 CVSS | 2.7 AI score | 0.02694 EPSS
Exploits: 2 | References: 1 | Affected Software: 1
CNVD
added 2015/10/03 12:0 a.m., 2 views

WordPress Gallery - Photo Albums - Portfolio plugin cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. Gallery - Photo Albums - Portfolio is a combination plugin for creating photo galleries, photo albums and rotating video and audio. A cross-site scripting...

3.5 CVSS | 6.2 AI score | 0.01242 EPSS
Exploits: 1 | References: 1