Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cache poisoning vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-32004
This issue affects: Secomea GateManager All versions before 9.6. Improper Check of host header in web server of Secomea GateManager allows malicious user to cause browser cache poisoning.
Secomea Gatemanager 8250 Firmware
6.5
CVSSv3
CVE-2020-4896
IBM Emptoris Sourcing 10.1.0, 10.1.1, and 10.1.3 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 190987.
Ibm Emptoris Sourcing
4.6
CVSSv3
CVE-2019-4216
IBM SmartCloud Analytics 1.3.1 up to and including 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM X-Force ID: 159187.
Ibm Smartcloud Analytics Log Analysis
NA
CVE-2001-1474
SSH prior to 2.0 disables host key checking when connecting to the localhost, which allows remote malicious users to silently redirect connections to the localhost by poisoning the client's DNS cache.
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
Ssh Ssh 1.2.30
Ssh Ssh 1.2.31
Ssh Ssh 1.2.26
Ssh Ssh 1.2.27
Ssh Ssh 1.2.24
Ssh Ssh 1.2.25
7.5
CVSSv3
CVE-2022-33990
Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form.
Dproxy-nexgen Project Dproxy-nexgen -
9.8
CVSSv3
CVE-2022-34294
totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.
Totd Project Totd 1.5.3
6.5
CVSSv3
CVE-2020-4828
IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 189842.
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
5.3
CVSSv3
CVE-2022-33993
Misinterpretation of special domain name characters in DNRD (aka Domain Name Relay Daemon) 2.20.3 leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form.
Domain Name Relay Daemon Project Domain Name Relay Daemon 2.20.3
5.3
CVSSv3
CVE-2020-29022
Failure to Sanitize host header value on output in the GateManager Web server could allow an malicious user to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions before 9.3
Secomea Gatemanager 4250 Firmware
Secomea Gatemanager 4260 Firmware
Secomea Gatemanager 9250 Firmware
Secomea Gatemanager 8250 Firmware
NA
CVE-2008-3442
WinZip prior to 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Winzip Winzip 10.0
Winzip Winzip 8.0
Winzip Winzip 8.1
Winzip Winzip 9.0
Winzip Winzip 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »