Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2012-5643 | 5.0 |
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length header
|
13-02-2023 - 00:27 | 20-12-2012 - 12:02 | |
CVE-2011-3205 | 6.8 |
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon
|
13-02-2023 - 00:19 | 06-09-2011 - 15:55 | |
CVE-2016-5408 | 7.5 |
Stack-based buffer overflow in the munge_other_line function in cachemgr.cgi in the squid package before 3.1.23-16.el6_8.6 in Red Hat Enterprise Linux 6 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this vulnerabil
|
27-12-2019 - 16:08 | 10-08-2016 - 14:59 | |
CVE-2016-4556 | 5.0 |
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response. <a href="http://cwe.mitre.org/data/definitions/415.html">
|
27-12-2019 - 16:08 | 10-05-2016 - 19:59 | |
CVE-2014-0128 | 5.0 |
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state management.
|
30-10-2018 - 16:27 | 14-04-2014 - 15:09 | |
CVE-2014-3609 | 5.0 |
HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via a request with crafted "Range headers with unidentifiable byte-range values."
|
07-01-2017 - 03:00 | 11-09-2014 - 18:55 | |
CVE-2011-4096 | 5.0 |
The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an
|
28-11-2016 - 19:07 | 17-11-2011 - 19:55 | |
CVE-2010-3072 | 5.0 |
The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request. Per: http://cwe.mitre.org/data/def
|
14-01-2011 - 06:46 | 20-09-2010 - 21:00 |