Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cache poisoning vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-0097
ISC BIND 9.0.x up to and including 9.3.x, 9.4 prior to 9.4.3-P5, 9.5 prior to 9.5.2-P2, 9.6 prior to 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote malicious users to add the Authenticated Data (AD) flag to a forged ...
Isc Bind 9.6.1
Isc Bind 9.2.0
Isc Bind 9.1.1
Isc Bind 9.3.1
Isc Bind 9.5.0
Isc Bind 9.4.3
Isc Bind 9.2.3
Isc Bind 9.1.3
Isc Bind 9.5.1
Isc Bind 9.4
Isc Bind 9.6
Isc Bind 9.4.0
Isc Bind 9.3.5
Isc Bind 9.3.2
Isc Bind 9.2.8
Isc Bind 9.2
Isc Bind 9.3.0
Isc Bind 9.2.4
Isc Bind 9.2.1
Isc Bind 9.0.0
Isc Bind 9.5
Isc Bind 9.3
NA
CVE-2007-3898
The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote malicious users to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors.
Microsoft Windows 2003 Server
Microsoft Windows 2000
Microsoft Windows Server 2003
2 EDB exploits
5.9
CVSSv3
CVE-2021-23336
The package python/cpython from 0 and prior to 3.6.13, from 3.7.0 and prior to 3.7.10, from 3.8.0 and prior to 3.8.8, from 3.9.0 and prior to 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaki...
Python Python
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Ontap Select Deploy Administration Utility -
Netapp Inventory Collect Tool -
Djangoproject Django
Oracle Zfs Storage Appliance 8.8
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Pricing Design Center 12.0.0.3.0
7.5
CVSSv3
CVE-2016-9450
The user password reset form in Drupal 8.x prior to 8.2.3 allows remote malicious users to conduct cache poisoning attacks by leveraging failure to specify a correct cache context.
Drupal Drupal 8.0.0
Drupal Drupal 8.2.0
Drupal Drupal 8.1.0
Drupal Drupal 8.1.2
Drupal Drupal 8.1.6
Drupal Drupal 8.1.8
Drupal Drupal 8.1.9
Drupal Drupal 8.1.5
Drupal Drupal 8.1.10
Drupal Drupal 8.0.4
Drupal Drupal 8.0.5
Drupal Drupal 8.1.3
Drupal Drupal 8.0.2
Drupal Drupal 8.0.3
Drupal Drupal 8.1.7
Drupal Drupal 8.2.1
Drupal Drupal 8.0.1
Drupal Drupal 8.1.1
Drupal Drupal 8.1.4
Drupal Drupal 8.0.6
Drupal Drupal 8.2.2
6.5
CVSSv3
CVE-2022-30295
uClibc-ng up to and including 1.0.40 and uClibc up to and including 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2.
Uclibc Uclibc
Uclibc-ng Project Uclibc-ng
NA
CVE-1999-0165
NFS cache poisoning.
Sun Nfs
Sun Sunos 5.3
Sun Sunos 4.0.1
Sun Sunos 4.1.4
Sun Solaris 2.4
Sun Sunos 4.0.3
Sun Sunos 4.1
Sun Sunos 5.4
Sun Sunos 4.0.2
Sun Sunos 4.1.1
Linux Linux Kernel 2.6.20.1
Sun Sunos 4.1.3
Sun Sunos 3.5
Sun Sunos 5.0
Bsdi Bsd Os
Sun Sunos 4.1.2
Sun Sunos 4.0
Sun Sunos 5.1
Sun Sunos 5.2
Sun Sunos -
NA
CVE-1999-0024
DNS cache poisoning via BIND, by predictable query IDs.
Isc Bind 8.1
Isc Bind 4.9.5
Sco Openserver 5.0
Sco Open Desktop 3.0
Sun Sunos 5.3
Nec Ews-ux V 4.2mp
Sun Solaris 2.4
Sun Solaris 2.5.1
Sun Solaris 2.5
Ibm Aix 4.2
Nec Asl Ux 4800 64
Sun Sunos 5.5
Bsdi Bsd Os 3.0
Nec Ews-ux V 4.2
Sco Unixware 2.1
Bsdi Bsd Os 2.1
Sco Unix 3.2v4
Sun Sunos 5.4
Sun Sunos 5.5.1
Ibm Aix 4.1
Sun Solaris 2.6
Nec Up-ux V 4.2mp
5.9
CVSSv3
CVE-2013-5661
Cache Poisoning issue exists in DNS Response Rate Limiting.
Isc Bind
Nlnetlabs Nsd 3.2.15
Nic Knot Resolver
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
5.9
CVSSv3
CVE-2019-19326
Silverstripe CMS sites up to and including 4.4.4 which have opted into HTTP Cache Headers on responses served by the framework's HTTP layer can be vulnerable to web cache poisoning. Through modifying the X-Original-Url and X-HTTP-Method-Override headers, responses with malic...
Silverstripe Silverstripe
NA
CVE-2008-1454
Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote malicious users to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server'...
Microsoft Windows Xp
Microsoft Windows Server 2003
Microsoft Windows 2000
Microsoft Windows Server 2008
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »