Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cache poisoning vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-10874
PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote malicious users to conduct DNS cache poisoning attacks.
Ntt-east Pwr-q200 Firmware -
4.6
CVSSv3
CVE-2016-5933
IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223.
Ibm Tivoli Monitoring 6.3.0
Ibm Tivoli Monitoring 6.2.3.4
Ibm Tivoli Monitoring 6.3.0.7
Ibm Tivoli Monitoring 6.2.2.3
Ibm Tivoli Monitoring 6.2.2.6
Ibm Tivoli Monitoring 6.3.0.6
Ibm Tivoli Monitoring 6.2.3
Ibm Tivoli Monitoring 6.3.0.4
Ibm Tivoli Monitoring 6.2.2.4
Ibm Tivoli Monitoring 6.3.0.3
Ibm Tivoli Monitoring 6.3.0.5
Ibm Tivoli Monitoring 6.2.3.2
Ibm Tivoli Monitoring 6.2.3.5
Ibm Tivoli Monitoring 6.2.3.3
Ibm Tivoli Monitoring 6.2.2.2
Ibm Tivoli Monitoring 6.2.2.9
Ibm Tivoli Monitoring 6.3.0.1
Ibm Tivoli Monitoring 6.2.2.7
Ibm Tivoli Monitoring 6.2.2
Ibm Tivoli Monitoring 6.2.2.8
Ibm Tivoli Monitoring 6.3.0.2
Ibm Tivoli Monitoring 6.2.2.5
6.5
CVSSv3
CVE-2020-4896
IBM Emptoris Sourcing 10.1.0, 10.1.1, and 10.1.3 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 190987.
Ibm Emptoris Sourcing
5.3
CVSSv3
CVE-2021-32004
This issue affects: Secomea GateManager All versions before 9.6. Improper Check of host header in web server of Secomea GateManager allows malicious user to cause browser cache poisoning.
Secomea Gatemanager 8250 Firmware
4.6
CVSSv3
CVE-2019-4216
IBM SmartCloud Analytics 1.3.1 up to and including 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM X-Force ID: 159187.
Ibm Smartcloud Analytics Log Analysis
NA
CVE-2001-1474
SSH prior to 2.0 disables host key checking when connecting to the localhost, which allows remote malicious users to silently redirect connections to the localhost by poisoning the client's DNS cache.
Ssh Ssh 1.2.31
Ssh Ssh 1.2.24
Ssh Ssh 1.2.25
Ssh Ssh 1.2.30
Ssh Ssh 1.2.26
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
7.5
CVSSv3
CVE-2022-33990
Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form.
Dproxy-nexgen Project Dproxy-nexgen -
6.5
CVSSv3
CVE-2020-4828
IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 189842.
Ibm Api Connect
Ibm Api Connect 10.0.1.0
Ibm Api Connect 10.0.0.0
9.8
CVSSv3
CVE-2022-34294
totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.
Totd Project Totd 1.5.3
5.3
CVSSv3
CVE-2022-33993
Misinterpretation of special domain name characters in DNRD (aka Domain Name Relay Daemon) 2.20.3 leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form.
Domain Name Relay Daemon Project Domain Name Relay Daemon 2.20.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »