Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
cache poisoning vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-1999-0165
NFS cache poisoning....
Sun
Nfs
Solaris
Sunos
Bsdi
Bsd Os
Linux
Linux Kernel
5
CVSSv2
CVE-2016-4553
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request....
Squid-cache
Squid
Canonical
Ubuntu Linux
Oracle
Linux
5
CVSSv2
CVE-2016-4554
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue....
Squid-cache
Squid
Canonical
Ubuntu Linux
Oracle
Linux
5
CVSSv2
CVE-1999-0024
DNS cache poisoning via BIND, by predictable query IDs....
Isc
Bind
Bsdi
Bsd Os
Ibm
Aix
Nec
Asl Ux 4800
Ews-ux V
Up-ux V
Sco
Open Desktop
Openserver
Unix
Unixware
Sun
Solaris
Sunos
2.6
CVSSv2
CVE-2013-5661
Cache Poisoning issue exists in DNS Response Rate Limiting....
Isc
Bind
Nic
Knot Resolver
Nlnetlabs
Nsd
Redhat
Enterprise Linux
4
CVSSv2
CVE-2020-5255
In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response's content...
Sensiolabs
Symfony
5
CVSSv2
CVE-2019-3978
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially...
Mikrotik
Routeros
1 EDB exploit available
7.5
CVSSv2
CVE-2019-3943
MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read...
Mikrotik
Routeros
1 Github repository available
5
CVSSv2
CVE-2016-9450
The user password reset form in Drupal 8.x before 8.2.3 allows remote attackers to conduct cache poisoning attacks by leveraging failure to specify a correct cache context....
Drupal
9.4
CVSSv2
CVE-2008-1454
Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's...
Microsoft
Windows 2000
Windows Server 2003
Windows Server 2008
Windows Xp
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
CVE-2019-19781
CVE-2020-8521
CVE-2019-4323
mass assignment
CVE-2020-11994
blind SQL injection
CVE-2020-9498
CVE-2020-12736
1
2
3
4
5
NEXT »
Vulmon