Lucene search
K

181 matches found

OSV
OSV
added 2017/05/18 9:39 p.m.4 views

USN-3275-3 openjdk-7 regression

USN-3275-2 fixed vulnerabilities in OpenJDK 7. Unfortunately, the update introduced a regression when handling TLS handshakes. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenJDK improperly re-used cached NTLM connections in...

5.8AI score
Exploits0References2
EUVD
EUVD
added 2017/03/24 3:0 p.m.2 views

EUVD-2017-14611

Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service memory consumption via vectors involving a pixel cache...

7.8CVSS5.6AI score0.05959EPSS
Exploits0References13
CNVD
CNVD
added 2017/03/23 12:0 a.m.5 views

ImageMagick magick/cache.c File Denial of Service Vulnerability

mageMagick is a set of open source image processing software. A security vulnerability exists in the ImageMagick magick/cache.c file. An attacker can exploit the vulnerability to submit a special file that will trick the application into parsing it, crashing the application...

5.5CVSS9.1AI score0.01166EPSS
Exploits0References1
NVD
NVD
added 2017/02/24 2:59 a.m.13 views

CVE-2017-6076

In versions of wolfSSL before 3.10.2 the function fpmulcomba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine...

5.5CVSS5.2AI score0.00487EPSS
Exploits0References2
OSV
OSV
added 2017/01/27 12:0 a.m.3 views

UBUNTU-CVE-2016-10002

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to prob...

7.5CVSS6.7AI score0.06766EPSS
Exploits0References5
CNVD
CNVD
added 2016/11/18 12:0 a.m.14 views

Wireshark AllJoyn Parser Cache Denial of Service Vulnerability

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A denial of service vulnerability exists in the AllJoyn parser in Wireshark versions 2.2...

5.9CVSS6AI score0.01595EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/09/18 10:0 p.m.28 views

CVE-2016-4746

The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction...

4.2AI score0.01761EPSS
Exploits0References5
Cvelist
Cvelist
added 2015/08/18 5:0 p.m.23 views

CVE-2015-5490

The viewsfetchdata method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to hidden content via unspecified vectors...

6.7AI score0.02607EPSS
Exploits1References6
myhack58
myhack58
added 2015/08/11 12:0 a.m.26 views

Discuz! X-Series remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

0x01 vulnerability root causes The root of the problem is that the api/uc. php file in the updatebadwords method, the code is as follows: function updatebadwords$get, $post global $G; if! APIUPDATEBADWORDS return APIRETURNFORBIDDEN; $data = array; ifisarray$post foreach$post as $k = $v...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/01/13 12:0 a.m.147 views

MS15-001: Vulnerability in Windows Application Compatibility Cache Could Allow Elevation of Privilege (3023266)

The remote Windows host is affected by a privilege escalation vulnerability due to improper validation of the authorization of a caller's impersonation token in the Microsoft Windows Application Compatibility Infrastructure AppCompat component. A local attacker, with a specially crafted program,...

7.2CVSS5.5AI score0.13802EPSS
Exploits4References2
Cvelist
Cvelist
added 2014/09/27 10:0 a.m.48 views

CVE-2014-5459

The PEARREST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a 1 rest.cachefile or 2 rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions...

8.9AI score0.00643EPSS
Exploits1References5
CERT
CERT
added 2012/02/08 12:0 a.m.34 views

ISC BIND 9 resolver cache vulnerability

Overview ISC BIND 9 resolver contains a vulnerability that could allow a attacker to keep a domain name in the cache even after it has been deleted from registration. Description According to ISC:I SC has been notified by Haixin Duan a professor at Tsinghua University in Beijing China, who is...

5CVSS8.2AI score0.13538EPSS
Exploits1References2
CERT
CERT
added 2010/12/01 12:0 a.m.33 views

ISC BIND cache vulnerability

Overview The ISC BIND nameserver contains a vulnerability that could allow a remote attacker to cause a denial of service. Description According to ISC:Adding certain types of signed negative responses to cache doesn't clear any matching RRSIG records already in cache. A subsequent lookup of the...

4CVSS8.4AI score0.10655EPSS
Exploits0References2
securityvulns
securityvulns
added 2007/07/10 12:0 a.m.193 views

Firefox wyciwyg:// cache zone bypass

There is an interesting vulnerability in how Mozilla Firefox handles internal wyciwyg:// pseudo-URIs. These cache-related resource identifiers are meant to be inaccessible by the user - but there are at least three routes to bypass these restrictionss, one of which - HTTP 302 redirect - also...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2005/04/21 4:0 a.m.22 views

CVE-2001-1452

By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses...

7.6AI score0.0938EPSS
Exploits0References4
OSV
OSV
added 2005/03/08 5:0 a.m.3 views

DEBIAN-CVE-2005-0626

Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies...

2.6CVSS6.5AI score0.01352EPSS
Exploits0References1
OSV
OSV
added 2004/12/31 5:0 a.m.3 views

DEBIAN-CVE-2004-2654

The clientAbortBody function in clientside.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service segmentation fault via unspecified vectors that trigger a null dereference. NOTE: in a followup advisory, a researcher claimed that the issue was a buffer...

5CVSS7.2AI score0.01993EPSS
Exploits0References1
0day.today
0day.today
added 2004/07/18 12:0 a.m.18 views

MS Internet Explorer Overly Trusted Location Cache Exploit

Exploit for unknown platform in category dos / poc ========================================================== MS Internet Explorer Overly Trusted Location Cache Exploit ========================================================== Overly Trusted Location Variant Method Cache Vulnerability GO! This...

7AI score
Exploits0
seebug.org
seebug.org
added 2004/07/18 12:0 a.m.10 views

MS Internet Explorer Overly Trusted Location Cache Exploit

No description provided by source. html body bfont size="5"Overly Trusted Location Variant Method Cache Vulnerability/font/b brbr a href="refresh" onclick="setTimeout'document.execCommand'Refresh'',1000;"font size=4 color=redGO!/font/abr +br This vulnerability seems to be unstable. For some...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/07/18 12:0 a.m.45 views

Microsoft Internet Explorer - Overly Trusted Location Cache

Overly Trusted Location Variant Method Cache Vulnerability GO! This vulnerability seems to be unstable. For some reason, it crashes my internet explorer unless the exploit is executed onlo +ad and even then it crashes sometimes. var...

7AI score
Exploits0
Rows per page
Query Builder