
1314 matches found

SUSE CVE
added 2023/02/15 3:45 a.m., 0 views

SUSE CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9 | AI score 9.1 | EPSS 0.003
Exploits: 1 | References: 44

0day.today
added 2023/01/30 12:0 a.m., 234 views

Micro Focus GroupWise Session ID Disclosure Vulnerability

Micro Focus GroupWise is a messaging software for email and personal information management. Trovent Security GmbH discovered that the GroupWise web application transmits the session ID in HTTP GET requests in the URL when email content is accessed. The exposed session ID can be recorded in the...

CVSS 4.3 | AI score 4.7 | EPSS 0.00184
Exploits: 2

Amazon
added 2023/01/24 12:0 a.m., 176 views

Critical: cacti

Issue Overview: A flaw was found in how Cacti grants authorization based on IP address which allows authentication bypass, and possibly arbitrary command execution if a poller_item configured with a POLLER_ACTION_SCRIPT_PHP action is present. This updated cacti package adds a feature allowing an...

CVSS 9.8 | AI score 10 | EPSS 0.94469
Exploits: 48

Citrix
added 2023/01/16 12:0 a.m., 15 views

[Citrix Gateway] Can't Launch ICA Desktop/App with Error: 2517

You may observe ICA launch failures with error: 2517 through NetScaler gateway ICA proxy vServer. The issue happens when EDTAdaptive transport is enabled randomly...

AI score 7.2
Exploits: 0

OpenVAS
added 2023/01/09 12:0 a.m., 22 views

Debian: Security Advisory (DSA-5311-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.5 | AI score 6.4 | EPSS 0.06543
Exploits: 0 | References: 4

The Hacker News
added 2023/01/06 8:30 a.m., 37 views

WhatsApp Introduces Proxy Support to Help Users Bypass Internet Censorship

Popular instant messaging service WhatsApp has launched support for proxy servers in the latest version of its Android and iOS apps, letting users circumvent government-imposed censorship and internet shutdowns. "Choosing a proxy enables you to connect to WhatsApp through servers set up by...

AI score 1.3
Exploits: 0

OpenVAS
added 2022/12/30 12:0 a.m., 13 views

Fedora: Security Advisory for trafficserver (FEDORA-2022-62b61a8542)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.5 | AI score 6.4 | EPSS 0.19314
Exploits: 0 | References: 2

BDU FSTEC
added 2022/12/07 12:0 a.m., 1 views

A vulnerability in the SSL-VPN portal of the FortiOS operating system and of the FortiProxy proxy server, used for protection against internet attacks, allows attackers to cause a service failure.

The vulnerability in the SSL-VPN portal of the FortiOS operating system and of the FortiProxy proxy server, used to protect against internet attacks, is related to access to an uninitialized pointer. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending a...

CVSS 7.8 | EPSS 0.00711
Exploits: 0 | References: 4 | Affected Software: 2

GithubExploit
added 2022/11/08 3:22 p.m., 153 views

Exploit for Improper Access Control in Webmin

WebminRCE-exploit CVE-2022-0824, CVE-2022-0829 - File Manager p...

CVSS 9 | AI score 7.3 | EPSS 0.92677
Exploits: 14

Redos
added 2022/11/08 12:0 a.m., 67 views

ROS-20221108-01

A vulnerability in the cURL command line utility is related to an error in parsing URLs with IDN characters that are replaced by ASCII analogs during IDN conversion. Exploitation of the vulnerability could allow an attacker acting remotely to bypass curl's HSTS inspection and force it to use the...

CVSS 8.1 | AI score 8.5 | EPSS 0.00467
Exploits: 0

CNNVD
added 2022/10/19 12:0 a.m., 2 views

Red Hat OpenShift Security Vulnerability

Red Hat OpenShift is a Platform-as-a-Service (PaaS) cloud computing platform from Red Hat, Inc. that supports building, testing, deploying, and running applications. A security vulnerability exists in Red Hat OpenShift. An attacker exploited the vulnerability to read pem files on a proxy server...

CVSS 5.5 | AI score 6.9 | EPSS 0.00033
Exploits: 0 | References: 3

RedHat Linux
added 2022/10/06 2:56 p.m., 22 views

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 8.6 | AI score 7.2 | EPSS 0.0014
Exploits: 0 | References: 2

OSV
added 2022/10/06 2:37 p.m., 30 views

RLSA-2022:6839 Important: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: buffer-over-read in SSPI and SMB authentication (CVE-2022-41318). For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

CVSS 8.9 | AI score 8.3 | EPSS 0.0014
Exploits: 0 | References: 2

AlmaLinux
added 2022/10/06 12:0 a.m., 38 views

Important: squid security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: buffer-over-read in SSPI and SMB authentication (CVE-2022-41318). For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

CVSS 8.6 | AI score 8.7 | EPSS 0.0014
Exploits: 0 | References: 4

Fedora
added 2022/10/05 1:5 a.m., 36 views

[SECURITY] Fedora 35 Update: squid-5.7-1.fc35

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

CVSS 8.6 | AI score 7.9 | EPSS 0.0197
Exploits: 0

RedHat Linux
added 2022/10/04 3:19 p.m., 35 views

Important: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.6 | AI score 7.2 | EPSS 0.0014
Exploits: 0 | References: 2

Fedora
added 2022/10/04 3:13 p.m., 32 views

[SECURITY] Fedora 37 Update: squid-5.7-1.fc37

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

CVSS 8.6 | AI score 7.9 | EPSS 0.0197
Exploits: 0

OSV
added 2022/10/04 2:29 p.m., 26 views

RLSA-2022:6775 Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: buffer-over-read in SSPI and SMB authentication (CVE-2022-41318). For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

CVSS 8.9 | AI score 8.3 | EPSS 0.0014
Exploits: 0 | References: 2

AlmaLinux
added 2022/10/04 12:0 a.m., 34 views

Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: buffer-over-read in SSPI and SMB authentication (CVE-2022-41318). For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

CVSS 8.6 | AI score 8.4 | EPSS 0.0014
Exploits: 0 | References: 4

NVD
added 2022/09/28 2:15 p.m., 10 views

CVE-2022-28815

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sentilo service...

CVSS 2.7 | EPSS 0.00202
Exploits: 0 | References: 1