Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cache poisoning vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-29022
Failure to Sanitize host header value on output in the GateManager Web server could allow an malicious user to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions before 9.3
Secomea Gatemanager 4250 Firmware
Secomea Gatemanager 4260 Firmware
Secomea Gatemanager 9250 Firmware
Secomea Gatemanager 8250 Firmware
NA
CVE-2008-3442
WinZip prior to 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Winzip Winzip 7.0
Winzip Winzip 10.0
Winzip Winzip 8.1
Winzip Winzip 9.0
Winzip Winzip 8.0
4
CVSSv3
CVE-2017-1773
IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. IBM X-Force ID: 136817.
Ibm Datapower Gateway
NA
CVE-2008-3434
Apple iTunes prior to 10.5.1 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Apple Itunes 6.0.2
Apple Itunes 4.0.1
Apple Itunes 4.1
Apple Itunes 4.6
Apple Itunes 6.0
Apple Itunes 4.7
Apple Itunes 2.0.1
Apple Itunes 6.0.4.2
Apple Itunes 6.0.1
Apple Itunes 6.0.4
Apple Itunes 5.0.1
Apple Itunes 4.0
Apple Itunes 1.1.1
Apple Itunes 6.0.3
Apple Itunes 4.9
Apple Itunes 5.0
Apple Itunes 1.0
Apple Itunes 2.0.3
Apple Itunes 2.0
Apple Itunes 4.5
Apple Itunes 3.0
Apple Itunes 2.0.2
8.1
CVSSv3
CVE-2008-3438
Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Apple Mac Os X
NA
CVE-2008-3441
Nullsoft Winamp prior to 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Nullsoft Winamp
NA
CVE-2008-3437
OpenOffice.org (OOo) prior to 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Openoffice Openoffice.org 2.0.4
Openoffice Openoffice.org 2.0
Openoffice Openoffice.org 2.0.2
Openoffice Openoffice.org 2.0.3
Openoffice Openoffice.org 1.1.5
NA
CVE-2024-21507
Versions of the package mysql2 prior to 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon (:) character within a value of the attacker-crafted key.
NA
CVE-2008-3439
SpeedBit Video Acceleration prior to 2.2.1.8 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Speedbit Speedbit Video Accelerator
NA
CVE-2008-3435
LinkedIn Browser Toolbar 3.0.3.1100 and previous versions does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Linkedin Browser Toolbar
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »