Vulmon
Recent Vulnerabilities
Discussions
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
cache poisoning vulnerabilities and exploits
10
CVSSv2
CVE-1999-0165
NFS cache poisoning....
Sun
Nfs
Solaris
Sunos
Bsdi
Bsd Os
Linux
Linux Kernel
5
CVSSv2
CVE-2016-4554
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue....
Squid-cache
Squid
Canonical
Ubuntu Linux
Oracle
Linux
5
CVSSv2
CVE-2016-4553
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request....
Squid-cache
Squid
Canonical
Ubuntu Linux
Oracle
Linux
2.6
CVSSv2
CVE-2013-5661
Cache Poisoning issue exists in DNS Response Rate Limiting....
Isc
Bind
Nic
Knot Resolver
Nlnetlabs
Nsd
Redhat
Enterprise Linux
5
CVSSv2
CVE-1999-0024
DNS cache poisoning via BIND, by predictable query IDs....
Isc
Bind
Bsdi
Bsd Os
Ibm
Aix
Nec
Asl Ux 4800
Ews-ux V
Up-ux V
Sco
Open Desktop
Openserver
Unix
Unixware
Sun
Solaris
Sunos
5
CVSSv2
CVE-2019-3978
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially...
Mikrotik
Routeros
1 EDB exploit available
7.5
CVSSv2
CVE-2019-3943
MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read...
Mikrotik
Routeros
1 Github repository available
5
CVSSv2
CVE-2016-9450
The user password reset form in Drupal 8.x before 8.2.3 allows remote attackers to conduct cache poisoning attacks by leveraging failure to specify a correct cache context....
Drupal
4.9
CVSSv2
CVE-2016-9451
Confirmation forms in Drupal 7.x before 7.52 make it easier for remote authenticated users to conduct open redirect attacks via unspecified vectors....
Drupal
4.3
CVSSv2
CVE-2016-9452
The transliterate mechanism in Drupal 8.x before 8.2.3 allows remote attackers to cause a denial of service via a crafted URL....
Drupal
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2019-4639
CVE-2020-8425
information disclosure
CVE-2013-2764
CVE-2014-2897
CVE-2019-17026
CVE-2020-0609
gitlab
local users
logic flaw
1
2
3
4
5
NEXT »
Vulmon