CVE-2019-18676
- EPSS 9.18%
- Veröffentlicht 26.11.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:33:30
An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurri...
CVE-2019-18677
- EPSS 7.24%
- Veröffentlicht 26.11.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:33:30
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately ...
CVE-2019-18678
- EPSS 10.93%
- Veröffentlicht 26.11.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:33:30
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (be...
CVE-2019-12523
- EPSS 4.3%
- Veröffentlicht 26.11.2019 17:15:10
- Zuletzt bearbeitet 21.11.2024 04:23:01
An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypasse...
CVE-2019-12526
- EPSS 20.25%
- Veröffentlicht 26.11.2019 17:15:10
- Zuletzt bearbeitet 21.11.2024 04:23:02
An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the ...
CVE-2019-6477
- EPSS 4.02%
- Veröffentlicht 26.11.2019 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:46:31
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resourc...
CVE-2019-19270
- EPSS 1.01%
- Veröffentlicht 26.11.2019 04:15:12
- Zuletzt bearbeitet 21.11.2024 04:34:27
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken in...
CVE-2019-19246
- EPSS 2.94%
- Veröffentlicht 25.11.2019 17:15:11
- Zuletzt bearbeitet 21.11.2024 04:34:24
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.
CVE-2019-13723
- EPSS 1.49%
- Veröffentlicht 25.11.2019 15:15:34
- Zuletzt bearbeitet 21.11.2024 04:25:34
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2012-5644
- EPSS 0.41%
- Veröffentlicht 25.11.2019 15:15:12
- Zuletzt bearbeitet 23.01.2026 22:03:05
libuser has information disclosure when moving user's home directory