CVE-2023-3203

CVE-2023-3203 affects the WordPress plugin MStore API (versions

SUSE CVE-2010-0218

ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired RD queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query...

SUSE CVE-2018-12385

A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally...

Stack overflow

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

CVE-2022-32527

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

The vulnerability of the Squid caching proxy server, related to improper access control, allows attackers to gain access to confidential information.

The vulnerability of the Squid caching proxy server relates to the inconsistent processing of internal URIs. Exploiting this vulnerability allows a remote attacker to bypass the ACL firewall protection and gain access to information about the cache controller, including records related to the...

The vulnerability affects the implementation of WASM technology in browsers like Firefox, Firefox ESR, and the email client Thunderbird. This allows attackers to trigger a service failure.

The vulnerability of the WASM technology implementation in Firefox browsers, Firefox ESR, and the Thunderbird email client is related to inconsistencies in data instructions and cache data. Exploiting this vulnerability can allow an attacker to cause service failures...

Squid 安全漏洞

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. Squid has a security vulnerability. An attacker can exploit this vulnerability to read sensitive information by...

Salt uses weak permissions on the cache data

The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file...

GHSA-6PRW-8XHM-H247 Salt uses weak permissions on the cache data

The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file...

Discourse 安全漏洞

Discourse is an open source community discussion platform. The platform includes features such as communities, email and chat rooms. Discourse suffers from a security vulnerability. An attacker exploited the vulnerability to read the cache of an anonymous i.e., not logged in user, thereby...

Cyberark Software CyberArk Credential Provider 安全特征问题漏洞

CyberArk Software Credential Provider is an installation credential provider program from CyberArk Software, Israel. A security feature issue vulnerability exists in CyberArk Credential Provider versions prior to 12.1, which stems from the use of low-level encryption for the valid key space used ...

CVE-2021-25425

Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component...

Input validation

Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component...

CVE-2021-25425

Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component...

Write cache drives remain offline after creating the target devices through XDSW

Write cache drives remain offline after creating the target devices through XDSW. Moreover, the write cache data will be redirected to the PVS Server local diskautomatically...

UBUNTU-CVE-2020-4788

IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296...

Citrix Gateway Information Disclosure Vulnerability

Citrix Gateway is a customer-managed solution that can be deployed locally or on any public cloud, such as AWS, Azure or Google Cloud Platform. An information disclosure vulnerability exists in Citrix Gateway. An attacker could exploit the vulnerability to expose information via the cache...

The vulnerability of the Software Guard eXtensions processor technology allows unauthorized access to data stored in a secure zone.

The vulnerability of the Software Guard eXtensions SGX processor implementation relates to the possibility of speculative execution of instructions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to data protected by SGX, by executing attacks through peripheral...

TeleGrab Malware Steals Telegram Desktop Messaging Sessions, Steam Credentials

Recently discovered malware steals cache data and secure messaging sessions from the desktop version of encrypted messaging service Telegram. The malware, dubbed TeleGrab, leverages weak default settings in the design of Telegram’s desktop version along with the desktop’s lack of support for Secr...