Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
application server web cache vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37276
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. aiohttp v3.8.4 and previous versions are bundled with llhttp v6.0.6. Vulnerable code is used by aiohttp for its HTTP request parser when available which is the default case when installing from a whee...
Aiohttp Aiohttp
4
CVSSv2
CVE-2021-23336
The package python/cpython from 0 and prior to 3.6.13, from 3.7.0 and prior to 3.7.10, from 3.8.0 and prior to 3.8.8, from 3.9.0 and prior to 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaki...
Python Python
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Ontap Select Deploy Administration Utility -
Netapp Inventory Collect Tool -
Djangoproject Django
Oracle Zfs Storage Appliance 8.8
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Pricing Design Center 12.0.0.3.0
10
CVSSv2
CVE-2005-0194
Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote malicious users to bypass intended ACLs if the administrator ...
Squid Squid 2.0.release
Squid Squid 2.1.patch1
Squid Squid 2.2.pre1
Squid Squid 2.2.pre2
Squid Squid 2.3.devel3
Squid Squid 2.3.stable1
Squid Squid 2.4.stable3
Squid Squid 2.4.stable4
Squid Squid 2.5.stable6
Squid Squid 2.0.patch2
Squid Squid 2.0.pre1
Squid Squid 2.1.release
Squid Squid 2.2.devel3
Squid Squid 2.2.devel4
Squid Squid 2.2.stable5
Squid Squid 2.3.devel2
Squid Squid 2.4.stable1
Squid Squid 2.4.stable2
Squid Squid 2.5.stable4
Squid Squid 2.5.stable5
Squid Squid 2.1.patch2
Squid Squid 2.1.pre1
4.3
CVSSv2
CVE-2021-43800
Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled on a Windows host. A malicious user can potentially read any file on the file system by cr...
Requarks Wiki.js
5.8
CVSSv2
CVE-2011-4136
django.contrib.sessions in Django prior to 1.2.7 and 1.3.x prior to 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote malicious users to modify a session by triggering use of a key ...
Djangoproject Django 1.2.1
Djangoproject Django 1.1.2
Djangoproject Django 1.0.2
Djangoproject Django
Djangoproject Django 0.95
Djangoproject Django 0.95.1
Djangoproject Django 1.2.3
Djangoproject Django 1.1.0
Djangoproject Django 1.2.4
Djangoproject Django 1.2.5
Djangoproject Django 1.1
Djangoproject Django 1.0
Djangoproject Django 1.3
Djangoproject Django 1.2
Djangoproject Django 1.1.3
Djangoproject Django 0.91
Djangoproject Django 1.2.2
Djangoproject Django 1.0.1
Djangoproject Django 0.96
7.5
CVSSv2
CVE-2005-0173
squid_ldap_auth in Squid 2.5 and previous versions allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
Squid Squid 2.1.patch2
Squid Squid 2.1.pre1
Squid Squid 2.2.pre2
Squid Squid 2.2.stable1
Squid Squid 2.3.stable2
Squid Squid 2.3.stable3
Squid Squid 2.4.stable6
Squid Squid 2.4.stable7
Squid Squid 2.0.patch2
Squid Squid 2.0.pre1
Squid Squid 2.1.release
Squid Squid 2.2.devel3
Squid Squid 2.2.stable4
Squid Squid 2.2.stable5
Squid Squid 2.4.stable1
Squid Squid 2.4.stable2
Squid Squid 2.5.stable3
Squid Squid 2.5.stable4
Squid Squid 2.0.release
Squid Squid 2.1.patch1
Squid Squid 2.2.devel4
Squid Squid 2.2.pre1
6.8
CVSSv2
CVE-2007-0008
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) prior to 3.11.5, as used by Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, SeaMonkey prior to 1.0.8, Thunderbird prior to 1.5.0.10, and certain Sun Java System server products prior to 20070611...
Mozilla Firefox
Mozilla Network Security Services 3.11.4
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9.2
Mozilla Firefox 0.3
Mozilla Firefox 0.4
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.8
Mozilla Seamonkey 1.0
Mozilla Thunderbird 1.0.6
Mozilla Thunderbird 0.7.1
Mozilla Thunderbird 1.0
Mozilla Thunderbird 0.6
Mozilla Thunderbird 0.3
Mozilla Thunderbird 1.5.0.4
Mozilla Thunderbird 1.5.0.6
Mozilla Firefox 2.0
Mozilla Firefox 0.10
5
CVSSv2
CVE-2011-4137
The verify_exists functionality in the URLField implementation in Django prior to 1.2.7 and 1.3.x prior to 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote malicious users to cause a denial of service (resource consumpt...
Djangoproject Django 0.91
Djangoproject Django 1.2.2
Djangoproject Django 1.0.1
Djangoproject Django 0.96
Djangoproject Django 1.2.1
Djangoproject Django 1.1.2
Djangoproject Django 1.0.2
Djangoproject Django
Djangoproject Django 0.95
Djangoproject Django 0.95.1
Djangoproject Django 1.2.3
Djangoproject Django 1.1.0
Djangoproject Django 1.2.4
Djangoproject Django 1.2.5
Djangoproject Django 1.1
Djangoproject Django 1.0
Djangoproject Django 1.3
Djangoproject Django 1.2
Djangoproject Django 1.1.3
4.3
CVSSv2
CVE-2005-2090
Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content...
Apache Tomcat 5.0.19
Apache Tomcat 4.1.24
7.1
CVSSv2
CVE-2021-3737
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to syst...
Python Python
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Codeready Linux Builder For Ibm Z Systems 8.0
Redhat Codeready Linux Builder For Power Little Endian 8.0
Redhat Codeready Linux Builder 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 21.04
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci -
Netapp Management Services For Element Software -
Netapp Netapp Xcp Smb -
Netapp Xcp Nfs -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »