Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squid squid vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2005-1519
Squid 2.5 STABLE9 and previous versions, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote malicious users to spoof DNS lookups.
Squid Squid
5
CVSSv2
CVE-2002-0715
Vulnerability in Squid prior to 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password.
Squid Squid
7.5
CVSSv2
CVE-2002-0713
Buffer overflows in Squid prior to 2.4.STABLE6 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP se...
Squid Squid
7.5
CVSSv2
CVE-2002-0714
FTP proxy in Squid prior to 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote malicious users to bypass firewall rules or spoof FTP server responses.
Squid Squid
5
CVSSv2
CVE-2004-0832
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and previous versions, with NTLM authentication enabled, allow remote malicious users to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to mem...
Squid Squid
4.3
CVSSv2
CVE-2018-19131
Squid prior to 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
Squid-cache Squid
1 Github repository
NA
CVE-2023-46724
Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 up to and including 5.9 and 6.0 before 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This pro...
Squid-cache Squid
NA
CVE-2024-23638
Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pag...
Squid-cache Squid
4.4
CVSSv2
CVE-2019-12522
An issue exists in Squid up to and including 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compr...
Squid-cache Squid
4
CVSSv2
CVE-2020-14059
An issue exists in Squid 5.x prior to 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list.
Squid-cache Squid
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »