20 matches found
FreeBSD : www/nginx -- Remote Code Execution/DoS (3414ac89-4f9f-11f1-a1c0-0050569f0b83)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3414ac89-4f9f-11f1-a1c0-0050569f0b83 advisory. nginx development team reports: When using the proxy_set_body directive, an attacker might injec...
MiracleLinux 4 : httpd-2.2.15-9.3.0.1.AXS4 (AXSA:2012-07:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-07:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2011-3348 The mod_proxy_ajp...
EUVD-2017-14740
Malware in sbrugna...
EUVD-2022-1439
Malicious code in bioql PyPI...
CVE-2023-33977
Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded...
CVE-2024-36403 Denial of service/high operating costs through unauthenticated downloads in Matrix Media Repo
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 is vulnerable to unbounded disk consumption, where an unauthenticated adversary can induce it to download and cache large amounts of remote media files. MMR's typical operating...
Medium: ecs-service-connect-agent
Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...
"Check for Available Renewals" may show error banner "citrixservices.citrix.com is unreachable"
When a user clicks the "Check for Available Renewals" button in the Citrix License Server Console, the error banner "citrixservices.citrix.com is unreachable. The server might be offline or there might be Internet, Proxy, or Firewall issues." may appear. Actually, the affected license server is able to reach...
FreeBSD security vulnerability
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from the fact that when mounting a remote filesystem using NFS, the kernel does not clean up the remotely supplied filename, which can lead to proxy problems...
OPENSUSE-SU-2023:0369-1 Security update for connman
This update for connman fixes the following issues: Update to 1.42 Fix issue with iwd and signal strength calculation. Fix issue with iwd and handling service removal. Fix issue with iwd and handling new connections. Fix issue with handling default online check URL. Fix issue with handling...
[H1] Some admins functions are unusable because of misuse of variables in upgradeable contracts
Lines of code Vulnerability details Impact Admin functions in NFTCollectionFactor.sol are unusable through a proxy Proof of Concept Upgradeable contracts can use neither constructors nor immutable variables. The reason for that is they work behind a proxy which calls them using...
Connector Connectivity Check Tool Reporting unable to connect to messaging
When SSL decryption is enabled on certain proxies (e.g., Barracuda, WebSense), some services may have trouble connecting to the platform...
USN-5090-4 apache2 regression
USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote...
SUSE-SU-2017:0190-1 Security update for nginx-1.0
This update for nginx-1.0 fixes the following issues: These security issues were fixed: - CVE-2016-4450: NULL pointer dereference while writing client request body bsc982505. - CVE-2016-1000105: Setting HTTP_PROXY environment variable via Proxy header httpoxy bnc988491...
gigafast.txt
This router is/was widely sold in CompUSA stores. It is a Gigafast router, re-branded as a CompUSA router. All firmware versions are affected. When reported to the manufacturer on 5/13/04, I had received a response stating that the information would be passed on to firmware developer. Almost a ye...
Important: Red Hat Security Advisory: squid security update
New Squid packages are available which fix various issues. Squid is a high-performance proxy caching server. The following summary describes the various issues found and fixed: Several buffer overflows have been found in the MSTN auth helper msntauth when configured to use denyusers or allowusers...
DoS against Netscape Fasttrack
A large number of requests for nonexistent pages leads to a memory leak in the proxy...
Security Update for ISA Server 2006 Supportability Pack (KB 968078)
This update resolves the issues described in Knowledge Base article 968078 ISA Server 2006: • ISA Server 2006 Web proxy and Web publishing listeners may stop accepting new requests after receiving specially-crafted packets. • ISA Server 2006 forms-based authentication may allow a browser to be...
Security Update for ISA Server 2004 Standard Edition (KB 960995)
This update resolves the issues described in Knowledge Base articles 960995 ISA Server 2004: • ISA Server 2004 Web proxy and Web publishing listeners may stop accepting new requests after receiving specially-crafted packets...
Security Update for Forefront Threat Management Gateway, Medium Business Edition (KB 968075)
This update resolves the issues described in Knowledge Base article 968075 Forefront TMG, Medium Business Edition: • Forefront TMG MBE Web proxy and Web publishing listeners may stop accepting new requests after receiving specially-crafted packets. • Forefront TMG MBE forms-based authentication m...