Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid-cache squid vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-18679
An issue exists in Squid 2.x, 3.x, and 4.x up to and including 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocatio...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
445
VMScore
CVE-2019-12854
Due to incorrect string termination, Squid cachemgr.cgi 4.0 up to and including 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.
Squid-cache Squid
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
445
VMScore
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable v...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
445
VMScore
CVE-2018-1000027
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be e...
Squid-cache Squid
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
445
VMScore
CVE-2016-10002
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 up to and including 3.1.23, 3.2.0.3 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 leads to client-specific Cookie data being leaked to other clients. Atta...
Debian Debian Linux 8.0
Squid-cache Squid 3.1.12
Squid-cache Squid 3.1.14
Squid-cache Squid 3.1.21
Squid-cache Squid 3.1.22
Squid-cache Squid 3.1.15
Squid-cache Squid 3.1.16
Squid-cache Squid 3.1.10
Squid-cache Squid 3.1.11
Squid-cache Squid 3.1.19
Squid-cache Squid 3.1.20
Squid-cache Squid 3.1.23
Squid-cache Squid 3.1.17
Squid-cache Squid 3.1.18
Squid-cache Squid 3.2.0.14
Squid-cache Squid 3.2.0.15
Squid-cache Squid 3.2.0.6
Squid-cache Squid 3.2.0.7
Squid-cache Squid 3.2.13
Squid-cache Squid 3.2.2
Squid-cache Squid 3.2.9
Squid-cache Squid 3.2.14
445
VMScore
CVE-2016-10003
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 up to and including 3.5.22, and 4.0.1 up to and including 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
Squid-cache Squid
445
VMScore
CVE-2016-2570
The Edge Side Includes (ESI) parser in Squid 3.x prior to 3.5.15 and 4.x prior to 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/Cu...
Squid-cache Squid 4.0.3
Squid-cache Squid 4.0.2
Squid-cache Squid 3.4.8
Squid-cache Squid 3.4.4
Squid-cache Squid 3.4.1
Squid-cache Squid 3.4.0.3
Squid-cache Squid 3.3.5
Squid-cache Squid 3.3.4
Squid-cache Squid 3.3.0.3
Squid-cache Squid 3.3.0.2
Squid-cache Squid 3.2.4
Squid-cache Squid 3.2.3
Squid-cache Squid 3.2.0.9
Squid-cache Squid 3.2.0.8
Squid-cache Squid 3.2.0.18
Squid-cache Squid 3.2.0.17
Squid-cache Squid 3.2.0.10
Squid-cache Squid 3.2.0.1
Squid-cache Squid 3.1.4
Squid-cache Squid 3.1.3
Squid-cache Squid 3.1.1
Squid-cache Squid 3.1.0.9
445
VMScore
CVE-2016-2572
http.cc in Squid 4.x prior to 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a malformed response.
Squid-cache Squid 4.0.1
Squid-cache Squid 4.0.3
Squid-cache Squid 4.0.2
Squid-cache Squid 4.0.6
Squid-cache Squid 4.0.5
Squid-cache Squid 4.0.4
445
VMScore
CVE-2014-0128
Squid 3.1 prior to 3.3.12 and 3.4 prior to 3.4.4, when SSL-Bump is enabled, allows remote malicious users to cause a denial of service (assertion failure) via a crafted range request, related to state management.
Squid-cache Squid 3.1
Squid-cache Squid 3.1.0.15
Squid-cache Squid 3.1.0.16
Squid-cache Squid 3.1.0.17
Squid-cache Squid 3.1.0.7
Squid-cache Squid 3.1.0.8
Squid-cache Squid 3.1.14
Squid-cache Squid 3.1.15
Squid-cache Squid 3.1.8
Squid-cache Squid 3.1.9
Squid-cache Squid 3.2.0.15
Squid-cache Squid 3.2.0.16
Squid-cache Squid 3.2.0.5
Squid-cache Squid 3.2.0.6
Squid-cache Squid 3.2.2
Squid-cache Squid 3.2.3
Squid-cache Squid 3.1.0.1
Squid-cache Squid 3.1.0.10
Squid-cache Squid 3.1.0.18
Squid-cache Squid 3.1.0.2
Squid-cache Squid 3.1.0.9
Squid-cache Squid 3.1.1
445
VMScore
CVE-2013-0189
cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote malicious users to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, possibly involving an incorre...
Squid-cache Squid 3.1.0.18
Squid-cache Squid 3.1.13
Squid-cache Squid 3.1.0.7
Squid-cache Squid 3.1.0.14
Squid-cache Squid 3.1.0.12
Squid-cache Squid 3.1.1
Squid-cache Squid 3.1.0.3
Squid-cache Squid 3.1.0.1
Squid-cache Squid 3.1.22
Squid-cache Squid 3.1.14
Squid-cache Squid 3.1.8
Squid-cache Squid 3.1.6
Squid-cache Squid 3.1.0.9
Squid-cache Squid 3.1.0.15
Squid-cache Squid 3.1.15
Squid-cache Squid 3.1.0.13
Squid-cache Squid 3.1.12
Squid-cache Squid 3.1.10
Squid-cache Squid 3.1.3
Squid-cache Squid 3.1.0.2
Squid-cache Squid 3.1.5
Squid-cache Squid 3.1.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »