Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-18860 4.3
Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
24-01-2023 - 02:12 20-03-2020 - 21:15
CVE-2019-12528 5.0
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
26-04-2022 - 20:00 04-02-2020 - 21:15
CVE-2020-8517 5.0
An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can re
21-07-2021 - 11:39 04-02-2020 - 20:15
CVE-2019-12521 4.3
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addSt
21-07-2021 - 11:39 15-04-2020 - 19:15
CVE-2020-11945 7.5
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a s
17-03-2021 - 12:40 23-04-2020 - 15:15
CVE-2019-12519 7.5
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expr
11-02-2021 - 14:43 15-04-2020 - 20:15
Back to Top Mark selected
Back to Top