Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server message block vulnerabilities and exploits
(subscribe to this query)
320
VMScore
CVE-2020-10751
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest...
Kernel Selinux
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server 8.0
668
VMScore
CVE-2019-12524
An issue exists in Squid up to and including 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maint...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
383
VMScore
CVE-2019-18860
Squid prior to 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
516
VMScore
CVE-2019-18677
An issue exists in Squid 3.x and 4.x up to and including 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origin...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
445
VMScore
CVE-2019-18678
An issue exists in Squid 3.x and 4.x up to and including 4.8. It allows malicious users to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and S...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
187
VMScore
CVE-2019-1125
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.
Microsoft Windows 10 1709
Microsoft Windows 10 1809
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows Server 2019 -
Microsoft Windows 7 -
Microsoft Windows 10 1703
Microsoft Windows 10 1803
Microsoft Windows 10 1903
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 1803
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Virtualization Host 4.0
1 Github repository
2 Articles
383
VMScore
CVE-2019-12529
An issue exists in Squid 2.x up to and including 2.7.STABLE9, 3.x up to and including 3.5.28, and 4.x up to and including 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be d...
Squid-cache Squid 2.7
Squid-cache Squid
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 29
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
445
VMScore
CVE-2019-1704
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote malicious user to cause a denial of service (DoS) condition. For more information...
Cisco Firepower Threat Defense
294
VMScore
CVE-2019-1696
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote malicious user to cause a denial of service (DoS) condition. For more information...
Cisco Firepower Management Center 2.9.11
Cisco Firepower Management Center 2.9.12
Cisco Firepower Management Center 2.9.13
Cisco Firepower Management Center 2.9.9
Cisco Firepower Management Center 2.9.10
Cisco Firepower Management Center 2.9.8
Cisco Firepower Threat Defense
668
VMScore
CVE-2019-0786
An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine, aka 'SMB Server Elevation of Privilege Vulnerability...
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1709
Microsoft Windows 10 1709
Microsoft Windows 10 1809
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »