CVE-2019-17569
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located...
Ubuntu 16.04 LTS / 18.04 LTS : Squid vulnerabilities (USN-4289-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4289-1 advisory. Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue ...
Apache Tomcat 9.0.0.M1 < 9.0.31 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 9.0.31. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_9.0.31_security-9 advisory. - When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to...
USN-4289-1 squid, squid3 vulnerabilities
Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory. CVE-2019-12528 Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote...
ALPINE-CVE-2020-8450
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...
CVE-2020-8450
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...
DEBIAN-CVE-2020-8450
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...
UBUNTU-CVE-2020-8450
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...
Buffer overflow
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...
CVE-2020-8450
CVE-2020-8450 affects Squid prior to 4.10, caused by incorrect buffer management in reverse-proxy mode, allowing a remote client to trigger a buffer overflow. Connected advisories confirm a fix was released (e.g., updates to Squid 4.11+/4.10-era patches) across multiple distributions (CloudLinux,...
Catastrophic backtracking in regex allows Denial of Service in Waitress
Impact: When waitress receives a header that contains invalid characters it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This would allow an attacker to send a single request with an invalid...
InspIRCd websocket module double free vulnerability
The InspIRCd development team reports: The websocket module before v3.8.1 contains a double free vulnerability. When combined with a HTTP reverse proxy this vulnerability can be used by any user who is GKZ-lined to remotely crash an InspIRCd server...
CVE-2011-3621
A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled...
Authentication flaw
A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled...
CVE-2011-3621
The CVE-2011-3621 entry concerns a reverse proxy handling flaw in FluxBB prior to 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled. The description is supported by the NVD entry, which lists a CVSS2 base score of 7.5 (HIGH) and a CVSS3.1 base score of 9.8 (CRITICAL), indicating a potentially seve...