Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4091
A vulnerability exists in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the ...
Samba Samba
Fedoraproject Fedora 39
Redhat Enterprise Linux 8.0
Redhat Storage 3.0
Redhat Enterprise Linux Eus 9.0
NA
CVE-2023-46848
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
Squid-cache Squid
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux Server Tus 9.2
NA
CVE-2023-46846
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote malicious user to perform Request/Response smuggling past firewall and frontend security systems.
Squid-cache Squid
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Eus 9.0
Redhat Enterprise Linux Server Tus 8.8
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Power Little Endian 8.0 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems 8.0 S390x
Redhat Enterprise Linux For Arm 64 8.0 Aarch64
Redhat Enterprise Linux Server Tus 9.2
NA
CVE-2023-46724
Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 up to and including 5.9 and 6.0 before 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This pro...
Squid-cache Squid
NA
CVE-2022-2127
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to ...
Samba Samba
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 12.0
NA
CVE-2022-41317
An issue exists in Squid 4.9 up to and including 4.17 and 5.0.6 up to and including 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an internal cache manager URL. This is fixe...
Squid-cache Squid
NA
CVE-2022-41318
A buffer over-read exists in libntlmauth in Squid 2.5 up to and including 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these loc...
Squid-cache Squid
NA
CVE-2021-46784
In Squid 3.x up to and including 3.5.28, 4.x up to and including 4.17, and 5.x prior to 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
Squid-cache Squid
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
5
CVSSv2
CVE-2021-41611
An issue exists in Squid 5.0.6 up to and including 5.1.x prior to 5.2. When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted. This problem allows a remote server to obtain security trust well improperly. This indicati...
Squid-cache Squid
Fedoraproject Fedora 35
4
CVSSv2
CVE-2021-31807
An issue exists in Squid prior to 4.15 and 5.x prior to 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any...
Squid-cache Squid 2.5.stable6
Squid-cache Squid 2.6
Squid-cache Squid 2.5.stable9
Squid-cache Squid 2.7
Squid-cache Squid 2.5.stable4
Squid-cache Squid 2.5.stable7
Squid-cache Squid 2.5.stable14
Squid-cache Squid 2.5.stable2
Squid-cache Squid 2.5.stable5
Squid-cache Squid 2.5.stable12
Squid-cache Squid 2.5.stable13
Squid-cache Squid 2.5.stable11
Squid-cache Squid 2.5.stable3
Squid-cache Squid 2.5.stable8
Squid-cache Squid 2.5.stable10
Squid-cache Squid
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Manager -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »