1314 matches found
CVE-2024-20490 Cisco Nexus Dashboard Fabric Controller and Nexus Dashboard Orchestrator Information Disclosure Vulnerability
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...
ROS-20241001-03
An HTTP server vulnerability for Ruby/Rack application Puma is related to a flaw in HTTP request handling. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTTP request HTTP Request Smuggling attack The HTTP server...
RHSA-2008:0263 Red Hat Security Advisory: Red Hat Network Proxy Server security update
Bulletin has no description...
RHSA-2008:0627 Red Hat Security Advisory: Red Hat Network Proxy Server security update
Bulletin has no description...
puppet-foreman: An authentication bypass vulnerability exists in Foreman
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's modproxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing...
Moderate: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Debian dsa-5751 : squid - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5751 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5751-1 [email protected] https://www.debian.org/security/ Moritz...
ROS-20240812-05
Squid proxy server followxforwardedfor function vulnerability is related to uncontrolled recursion when processing X-Forwarded-For HTTP request headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20240812-09
A vulnerability in the HttpStateData function of the Chunked decoder of the Squid proxy server is related to a buffer overflow on the stack as a result of uncontrolled recursion while processing HTTP messages. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
ROS-20240812-07
Squid proxy server vulnerability is related to uncontrolled resource consumption as a result of filtering and data reduction to an unsafe value when processing HTTP header length. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service by...
ROS-20240812-04
A vulnerability in the Collapsed Forwarding Handler component of the Squid proxy server is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the Squid proxy server component is...
Fedora: Security Advisory (FEDORA-2024-8ca9261bdd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ROS-20240729-20
Squid proxy server vulnerability is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
TxtDot 安全漏洞
TxtDot is an HTTP proxy from the TxtDot open source. A security vulnerability exists in TxtDot version 1.4.0 through versions prior to 1.6.1. A remote attacker could exploit the vulnerability to send HTTP GET requests to arbitrary targets using the server as a proxy and retrieve information on an...
Moderate: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2024:4861 Moderate: squid security update
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: vulnerable to a Denial of Service attack against Cache Manager error responses CVE-2024-23638 squid: Out-of-bounds write error may lead to Denial of Service...
[NetScaler] Squid may record "error:transaction-end-before-headers" when be the service of LB
In a NetScaler Load Balancing deployment, you may have a Squild proxy server configured as a NetScaler LB Service. And you may observe "error:transaction-end-before-headers" recorded on Squid server. The error apears periodically with several seconds interval. Log sample: Timestamp xxxx...
GO-2024-2445 Withdrawn Advisory: SFTP is possible on the Proxy server for any user with SFTP access in github.com/gravitational/teleport
Withdrawn Advisory: SFTP is possible on the Proxy server for any user with SFTP access in github.com/gravitational/teleport. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...
CVE-2024-22276
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are logged...
CVE-2024-22276
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are logged...