Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cache poisoning vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-21507
Versions of the package mysql2 prior to 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon (:) character within a value of the attacker-crafted key.
8.1
CVSSv3
CVE-2008-3438
Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Apple Mac Os X
NA
CVE-2008-3437
OpenOffice.org (OOo) prior to 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Openoffice Openoffice.org 2.0
Openoffice Openoffice.org 2.0.2
Openoffice Openoffice.org 2.0.3
Openoffice Openoffice.org 2.0.4
Openoffice Openoffice.org 1.1.5
NA
CVE-2008-3441
Nullsoft Winamp prior to 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Nullsoft Winamp
4
CVSSv3
CVE-2017-1773
IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. IBM X-Force ID: 136817.
Ibm Datapower Gateway
NA
CVE-2008-3434
Apple iTunes prior to 10.5.1 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Apple Itunes 1.1.2
Apple Itunes 2.0
Apple Itunes 4.0
Apple Itunes 4.0.1
Apple Itunes 4.9
Apple Itunes 5.0
Apple Itunes 6.0.4.2
Apple Itunes
Apple Itunes 2.0.1
Apple Itunes 2.0.2
Apple Itunes 4.1
Apple Itunes 4.2
Apple Itunes 5.0.1
Apple Itunes 6.0
Apple Itunes 1.0
Apple Itunes 2.0.3
Apple Itunes 2.0.4
Apple Itunes 4.5
Apple Itunes 4.6
Apple Itunes 6.0.1
Apple Itunes 6.0.2
Apple Itunes 1.1
NA
CVE-2008-3439
SpeedBit Video Acceleration prior to 2.2.1.8 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Speedbit Speedbit Video Accelerator
NA
CVE-2008-3435
LinkedIn Browser Toolbar 3.0.3.1100 and previous versions does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Linkedin Browser Toolbar
4.7
CVSSv3
CVE-2017-9071
In MODX Revolution prior to 2.5.7, an attacker might be able to trigger XSS by injecting a payload into the HTTP Host header of a request. This is exploitable only in conjunction with other issues such as Cache Poisoning.
Modx Modx Revolution
NA
CVE-2008-3433
SpeedBit Download Accelerator Plus (DAP) prior to 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Speedbit Download Accelerator Plus 8.1
Speedbit Download Accelerator Plus
Speedbit Download Accelerator Plus 8.0
Speedbit Download Accelerator Plus 8.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »