210 matches found
squid: Buffer over-read in the HTTP Message processing feature
A buffer over-read flaw was found in Squid's HTTP Message processing feature. This issue may allow attackers to perform remote denial of service...
AZL-32072 CVE-2023-49285 affecting package squid 5.7-5
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds fo...
DEBIAN-CVE-2023-49285
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds fo...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from information disclosure in the WLAN HAL when processing WMI status message commands...
CVE-2022-20917
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling ...
Design/Logic Flaw
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling ...
CVE-2022-20917
CVE-2022-20917 describes a vulnerability in the XMPP message processing feature of Cisco Jabber. The issue arises from improper handling of nested XMPP messages in requests, enabling an authenticated, remote attacker to manipulate the content of XMPP messages used by the Jabber client and potenti...
Code injection
Processing an incomplete post-handshake message for a QUIC connection can cause a panic...
Cisco Issues Urgent Fix for Authentication Bypass Bug Affecting BroadWorks Platform
Cisco has released security fixes to address multiple security flaws, including a critical bug, that could be exploited by a threat actor to take control of an affected system or cause a denial-of-service (DoS) condition. The most severe of the issues is CVE-2023-20238, which has the maximum CVSS...
CVE-2023-28513
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397...
PT-2023-21771 · Ibm · Ibm Mq Appliance +1
Name of the Vulnerable Software and Affected Versions: IBM MQ versions 9.0 LTS through 9.3 LTS; IBM MQ versions 9.2 CD through 9.3 CD; IBM MQ Appliance versions 9.2 LTS through 9.3 LTS; IBM MQ Appliance versions 9.2 CD through 9.2 LTS. Description: The issue is caused by an error processing messages,...
IBM MQ Denial of Service (7007421)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7007421 advisory. - A denial of service (DoS) vulnerability exists in IBM MQ due to improper message processing. An unauthenticated, remote attacker can exploit this issue, via specially...
The vulnerability of the bgpd software module for implementing network routing on Unix-like systems allows a hacker to cause service interruptions.
The vulnerability of the bgpd software module for implementing routing on Unix-like systems is related to the issue where an operation is executed outside the buffer in memory when processing BGP OPEN messages with a length of one octet or word. Exploiting this vulnerability allows a remote...
CVE-2022-36059 Prototype pollution in matrix-js-sdk
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data...
Memory corruption
Memory corruption in modem due to use of out of range pointer offset while processing qmi msg...
UBUNTU-CVE-2023-0616
If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way, Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this...
CVE-2021-43529
Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS...
SUSE CVE-2019-18677
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used because the appended characters do not properly interact with hostname length restrictions. Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be...