Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cache poisoning vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3440
Sun Java 1.6.0_03 and previous versions versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache pois...
Sun Java 1.6.0
Sun Java
3.5
CVSSv2
CVE-2007-0124
Unspecified vulnerability in Drupal prior to 4.6.11, and 4.7 prior to 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist.
Drupal Drupal 4.6.4
Drupal Drupal 4.6.5
Drupal Drupal 4.6.2
Drupal Drupal 4.6.3
Drupal Drupal 4.7
Drupal Drupal 4.7.0
Drupal Drupal 4.7.1
Drupal Drupal 4.7.2
Drupal Drupal 4.6.1
Drupal Drupal 4.6.10
Drupal Drupal 4.6.8
Drupal Drupal 4.6.9
Drupal Drupal 4.6
Drupal Drupal 4.6.0
Drupal Drupal 4.6.6
Drupal Drupal 4.6.7
Drupal Drupal 4.7.3
Drupal Drupal 4.7.4
5
CVSSv2
CVE-2006-2479
The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote malicious users to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicio...
Bitrix Bitrix Site Manager 4.0.4
Bitrix Bitrix Site Manager 4.0.5
Bitrix Bitrix Site Manager 4.0.6
Bitrix Bitrix Site Manager 4.0.7
Bitrix Bitrix Site Manager 4.0.2
Bitrix Bitrix Site Manager 4.0.3
Bitrix Bitrix Site Manager 4.0.0
Bitrix Bitrix Site Manager 4.0.8
Bitrix Bitrix Site Manager 4.1.0
5.8
CVSSv2
CVE-2020-28473
The package bottle from 0 and prior to 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the pr...
Bottlepy Bottle
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2002-0676
SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote malicious users to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Hor...
Apple Mac Os X 10.1.1
Apple Mac Os X 10.1.2
Apple Mac Os X 10.1.3
Apple Mac Os X 10.1.4
Apple Mac Os X 10.1
Apple Mac Os X 10.1.5
1 EDB exploit
5
CVSSv2
CVE-2021-41451
A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated malicious user to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning at...
Tp-link Archer Ax10 Firmware
4.3
CVSSv2
CVE-2021-41267
Symfony/Http-Kernel is the HTTP kernel component for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Headers that are not part of the "trusted_headers" allowed list are ignored and protect users from "Cache poisoning&...
Sensiolabs Symfony
4
CVSSv2
CVE-2018-8004
There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS). This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later version...
Apache Traffic Server
Debian Debian Linux 9.0
NA
CVE-2024-29042
Translate is a package that allows users to convert text to different languages on Node.js and the browser. Prior to version 3.0.0, an attacker controlling the second variable of the `translate` function is able to perform a cache poisoning attack. They can change the outcome of ...
NA
CVE-2022-34163
IBM CICS TX 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an malicious user to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. ...
Ibm Cics Tx 11.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »