application server web cache vulnerabilities and exploits
4.3
CVSSv2
CVE-2005-2091
IBM WebSphere 5.1 and WebSphere 5.0 allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes W...
Ibm Websphere Application Server 5.0
Ibm Websphere Application Server 5.1.0
7.5
CVSSv2
CVE-2002-2345
Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote malicious users to gain access.
Oracle Application Server 9.0.2
4.3
CVSSv2
CVE-2005-2093
Oracle 9i Application Server (Oracle9iAS) 9.0.2 allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, wh...
Oracle Application Server 9.0.2
4.3
CVSSv2
CVE-2005-2094
Sun SunONE web server 6.1 SP1 allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes SunONE ...
Sun One Web Server 6.1
5
CVSSv2
CVE-2005-2728
The byte-range filter in Apache 2.0 prior to 2.0.54 allows remote malicious users to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
Apache Http Server 2.0.42
Apache Http Server 2.0.47
Apache Http Server 2.0.50
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.52
Apache Http Server 2.0.53
Apache Http Server 2.0.51
Apache Http Server 2.0.28
Apache Http Server 2.0.41
Apache Http Server 2.0.49
Apache Http Server 2.0.9
Apache Http Server 2.0.32
Apache Http Server 2.0.38
Apache Http Server 2.0.48
Apache Http Server 2.0.45
Apache Http Server 2.0.40
Apache Http Server 2.0.36
Apache Http Server 2.0.46
Apache Http Server 2.0.43
4.3
CVSSv2
CVE-2005-2092
BEA Systems WebLogic 8.1 SP1 allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebLogic...
Bea Weblogic Server 8.1
5
CVSSv2
CVE-2005-1268
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote malicious users to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.
Apache Http Server
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
Debian Debian Linux 3.1
4.3
CVSSv2
CVE-2005-2088
The Apache HTTP server prior to 1.3.34, and 2.0.x prior to 2.0.55, when acting as an HTTP proxy, allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chu...
Apache Http Server
Debian Debian Linux 3.1
Debian Debian Linux 3.0
5
CVSSv2
CVE-2017-5533
A vulnerability in the server content cache of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a v...
Tibco Jasperreports Server 6.4.0
Tibco Jaspersoft 6.4.0
Tibco Jaspersoft Reporting And Analytics 6.4.0
4.3
CVSSv2
CVE-2012-3976
Mozilla Firefox prior to 15.0, Firefox ESR 10.x prior to 10.0.7, and SeaMonkey prior to 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote malicious users to spoof the X.509 certificate information in the addre...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.3
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Eus 6.3
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04