
86 matches found

CVE
added 2018/08/29 1:0 p.m., 76 views

CVE-2018-8005

CVE-2018-8005 affects Apache Traffic Server (ATS). When a range request contains multiple ranges, ATS reads the entire object from cache, causing potential performance degradation for large cached objects. Affected versions are 6.0.0–6.2.2 and 7.0.0–7.1.3. Mitigation: upgrade to 6.2.3 or later fo...

CVSS: 5.3, AI score: 6, EPSS: 0.06895
Exploits: 0, References: 5, Affected Software: 1
Cvelist
added 2018/08/29 1:0 p.m., 28 views

CVE-2018-8005

When there are multiple ranges in a range request, Apache Traffic Server (ATS) will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgra...

AI score: 6.1, EPSS: 0.06895
Exploits: 0, References: 5
NVD
added 2016/05/25 1:59 a.m., 21 views

CVE-2016-1381

Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270...

CVSS: 7.8, AI score: 7.5, EPSS: 0.01389
Exploits: 0, References: 2
OpenVAS
added 2016/05/23 12:0 a.m., 18 views

Cisco WSA Multiple Vulnerabilities 05/16

Cisco WSA Software is prone to multiple vulnerabilities. CVE-2016-1380: A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the...

CVSS: 7.8, AI score: 7.7, EPSS: 0.01931
Exploits: 0, References: 4
CISA
added 2016/05/18 12:0 a.m., 15 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in its Web Security Appliance software. Exploitation of these vulnerabilities could cause a denial-of-service-condition on an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories a...

AI score: 6.9
Exploits: 0, References: 4
ThreatPost
added 2016/05/13 1:24 p.m., 42 views

Cerber Ransomware On The Rise, Fueled By Dridex Botnet

Starting in April security experts at FireEye spotted a massive uptick in Cerber ransomware attacks delivered via a rolling wave of spam. Researchers there link the Cerber outbreaks to the fact that attackers are now leveraging the same spam infrastructure credited for making the potent Dridex...

CVSS: 10, AI score: 0.8, EPSS: 0.22487
Exploits: 0, References: 2
FireEye
added 2016/05/12 1:30 p.m., 52 views

Cerber Ransomware Partners with the Dridex Spam Distributor

Cerber ransomware incorporates the unusual feature of “speaking” its ransom message after successfully infecting a user machine and encrypting files. Cerber was first seen in the wild at the end of February 2016 and was observed being delivered mostly via exploit kits (EK), notably using Magnitude...

AI score: 0.1
Exploits: 0
FireEye
added 2016/05/12 1:30 p.m., 19 views

Cerber Ransomware Partners with the Dridex Spam Distributor

Cerber ransomware incorporates the unusual feature of “speaking” its ransom message after successfully infecting a user machine and encrypting files. Cerber was first seen in the wild at the end of February 2016 and was observed being delivered mostly via exploit kits (EK), notably using Magnitude...

AI score: 6.9
Exploits: 0
CISA
added 2015/11/04 12:0 a.m., 10 views

Cisco Releases Security Updates for Web Security Appliances

Cisco has released security updates to address multiple vulnerabilities in Web Security Appliances. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of the affected network device. Users and administrators are encouraged to review the Cisco Security...

AI score: 7.1
Exploits: 0, References: 3
Debian CVE
added 2015/10/19 10:0 a.m., 35 views

CVE-2015-0275

The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request...

CVSS: 4.9, AI score: 5.8, EPSS: 0.00457
Exploits: 0
Cvelist
added 2015/10/19 10:0 a.m., 30 views

CVE-2015-0275

The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request...

AI score: 5, EPSS: 0.00457
Exploits: 0, References: 11
CVE
added 2015/10/19 10:0 a.m., 140 views

CVE-2015-0275

CVE-2015-0275 affects the Linux kernel ext4 subsystem: the ext4_zero_range function in fs/ext4/extents.c allows local users to trigger a denial of service via a crafted fallocate zero-range request. The linked MiracleLinux/Unity Linux Nessus entries reproduce this: the vulnerability is described ...

CVSS: 4.9, AI score: 4.8, EPSS: 0.00457
Exploits: 0, References: 11, Affected Software: 1
OpenVAS
added 2015/09/08 12:0 a.m., 48 views

Squid HTTP Range Request Handling DoS Vulnerability (SQUID-2014:2)

Squid is prone to a denial of service (DoS) vulnerability.

CVSS: 5, AI score: 6.2, EPSS: 0.5622
Exploits: 0, References: 2
UbuntuCve
added 2015/02/23 12:0 a.m., 35 views

CVE-2015-0275

The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request...

CVSS: 4.9, AI score: 6.8, EPSS: 0.00457
Exploits: 0, References: 7
securityvulns
added 2014/09/02 12:0 a.m., 49 views

squid DoS

DoS via Range: request...

CVSS: 5, AI score: 2.7, EPSS: 0.5622
Exploits: 0, References: 1, Affected Software: 1
securityvulns
added 2014/06/14 12:0 a.m., 49 views

squid DoS

DoS via Range: request if SSL-Bump is allowed...

CVSS: 5, AI score: 3.3, EPSS: 0.3263
Exploits: 1, References: 1, Affected Software: 1
RedHat Linux
added 2014/06/03 4:16 p.m., 3 views

squid: denial of service when using SSL-Bump

Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management...

CVSS: 5, AI score: 7.4, EPSS: 0.3263
Exploits: 1, References: 5
UbuntuCve
added 2014/04/14 3:9 p.m., 30 views

CVE-2014-0128

Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management...

CVSS: 5, AI score: 7.2, EPSS: 0.3263
Exploits: 1, References: 2
OSV
added 2014/04/14 3:9 p.m., 2 views

UBUNTU-CVE-2014-0128

Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management...

CVSS: 5, AI score: 7.3, EPSS: 0.3263
Exploits: 1, References: 3
Prion
added 2014/04/14 3:9 p.m., 28 views

Server side request forgery (ssrf)

Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management...

CVSS: 5, AI score: 6.8, EPSS: 0.3263
Exploits: 1, References: 9, Affected Software: 2