Critical: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Squid Code Problem Vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A code issue vulnerability exists in versions prior to Squid 6.0.1 that stems from a NULL pointer dereference, which c...

Fedora: Security Advisory (FEDORA-2023-807f4500f3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: squid-6.4-1.fc38

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

Critical: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Critical: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Critical: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Critical: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: SQUID-2023:3 squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 SQUID-2023:1 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 Fo...

Critical: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: SQUID-2023:3 squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 SQUID-2023:1 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846...

The vulnerability of SAP PowerDesigner, a tool for modeling enterprise architecture, related to inadequate access control, allows attackers to execute arbitrary queries against the internal database.

The vulnerability of SAP PowerDesigner, a tool for modeling enterprise architecture, is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary queries against the internal database through a proxy server...

Advisory ROSA-SA-2023-2273

software: squid 5.9 WASP: ROSA-CHROME packageevrstring: squid-5.9-1.src.rpm CVE-ID: CVE-2021-46784 BDU-ID: 2022-04051 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server's implementation of the Gopher network protocol is associated with the use of assert or a similar operator...

Moderate: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2023:5711 Moderate: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the securi...

Moderate: nginx:1.22 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the securi...

Moderate: nginx:1.20 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the securi...

K20850144: BIG-IP and BIG-IQ DB variable vulnerability CVE-2023-41964

Security Advisory Description The BIG-IP and BIG-IQ systems do not encrypt the values of two Database DB variables, a password used for a proxy server connection and a RADIUS/TACACS+ shared secret. CVE-2023-41964 Impact An authenticated attacker may be able to gain access to privileged informatio...

PYSEC-2023-310

Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example,...

CVE-2023-42261

Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example,...

Authentication flaw

DISPUTED Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for...

CVE-2023-42261

Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example,...