Vulmon
cache poisoning vulnerabilities and exploits
NA
CVE-2009-0858
The response_addname function in response.c in Daniel J. Bernstein djbdns 1.05 and previous versions does not constrain offsets in the required manner, which allows remote attackers, with control over a third-party subdomain served by tinydns and axfrdns, to trigger DNS responses...
D.j.bernstein Djbdns
1 EDB exploit
6.1
CVSSv3
CVE-2022-23599
Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross site scripting and open redirect when an attacker can get a compromised version of the ...
Plone Plone
NA
CVE-2007-2930
The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 prior to 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote malicious users to poison D...
Isc Bind
2 EDB exploits
NA
CVE-2004-1754
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote malicious users to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
Symantec Enterprise Firewall 8.0
Symantec Enterprise Firewall 7.0.4
Symantec Gateway Security 5200 1.0
Symantec Gateway Security 5310 1.0
Symantec Gateway Security 5400 2.0.1
Symantec Gateway Security 5110 1.0
Symantec Gateway Security 5300 1.0
Symantec Gateway Security 5400 2.0
1 EDB exploit
5.3
CVSSv3
CVE-2023-20232
A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to cause a web cache poisoning attack on an affected device. This vulnerability is due to improper input validation of HTTP re...
Cisco Unified Contact Center Express
NA
CVE-2010-0382
ISC BIND 9.0.x up to and including 9.3.x, 9.4 prior to 9.4.3-P5, 9.5 prior to 9.5.2-P2, 9.6 prior to 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote malicious users to have an ...
Isc Bind 9.7.0
Isc Bind 9.6.1
Isc Bind 9.6.0
Isc Bind 9.4.3
Isc Bind 9.4.1
Isc Bind 9.4.0
Isc Bind 9.3.5
Isc Bind 9.3.2
Isc Bind 9.3.1
Isc Bind 9.3.0
Isc Bind 9.2.7
Isc Bind 9.2.4
Isc Bind 9.2.3
Isc Bind 9.2.2
Isc Bind 9.2.1
Isc Bind 9.2.0
Isc Bind 9.10.3
Isc Bind 9.10.1
Isc Bind 9.10.0
Isc Bind 9.1.3
Isc Bind 9.1.1
Isc Bind 9.0.1
NA
CVE-2008-4100
GNU adns 1.4 and previous versions use a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote malicious users to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behav...
Gnu Adns 0.5
Gnu Adns 0.9
Gnu Adns
Gnu Adns 1.0
Gnu Adns 0.8
Gnu Adns 0.2
Gnu Adns 0.6
Gnu Adns 1.3
Gnu Adns 1.2
Gnu Adns 0.3
Gnu Adns 1.1
Gnu Adns 0.4
Gnu Adns 0.1
Gnu Adns 0.7
NA
CVE-2010-0290
Unspecified vulnerability in ISC BIND 9.0.x up to and including 9.3.x, 9.4 prior to 9.4.3-P5, 9.5 prior to 9.5.2-P2, 9.6 prior to 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote malicious users to conduct DNS cache poisoning atta...
Isc Bind 9.10.0
Isc Bind 9.10.2
Isc Bind 9.6.1
Isc Bind 9.2.0
Isc Bind 9.1.1
Isc Bind 9.3.1
Isc Bind 9.4.3
Isc Bind 9.2.3
Isc Bind 9.1.3
Isc Bind 9.10.1
Isc Bind 9.4.0
Isc Bind 9.3.5
Isc Bind 9.7.0
Isc Bind 9.3.2
Isc Bind 9.10.3
Isc Bind 9.2.8
Isc Bind 9.2
Isc Bind 9.3.0
Isc Bind 9.2.4
Isc Bind 9.2.1
Isc Bind 9.0.0
Isc Bind 9.3
7.5
CVSSv3
CVE-2020-8449
An issue exists in Squid prior to 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
6.5
CVSSv3
CVE-2020-15810
An issue exists in Squid prior to 4.13 and 5.x prior to 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security a...
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Leap 15.2