156 matches found
CVE-2011-1131
The PlushSearch2 function in Search.php in Simple Machines Forum SMF before 1.1.13, and 2.x before 2.0 RC5, uses certain cached data in a situation where a temporary table has been created, even though this cached data is intended only for situations where a temporary table has not been created,...
HCL Leap 安全漏洞
HCL Leap is a low-code development platform from HCL India. HCL Leap suffers from a security vulnerability that stems from the lack of a no cache header, which could lead to sensitive data being cached...
GHSA-76G3-38JV-WXH4 tough timestamp metadata is cached when it fails snapshot rollback check
Summary TUF repositories use the timestamp role to protect against rollback events by enabling an automated process to periodically sign the role's metadata. While tough will ensure that the version of snapshot metadata in new timestamp metadata files was always greater than or equal to the...
CVE-2025-27141
Metabase Enterprise Edition is the enterprise version of Metabase business intelligence and data analytics software. Starting in version 1.47.0 and prior to versions 1.50.36, 1.51.14, 1.52.11, and 1.53.2 of Metabase Enterprise Edition, users with impersonation permissions may be able to see resul...
CVE-2022-49550
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: provide blockinvalidatefolio to fix memory leak The ntfs3 filesystem lacks the 'invalidatefolio' method and it causes memory leak. If you write to the filesystem and then unmount it, the cached written data are not free...
SAP Fiori 安全漏洞
SAP Fiori, a user experience UX design system for SAP applications from SAP, Germany, provides designers and developers with a set of tools and guidelines to quickly develop applications for any platform, delivering a consistent, innovative experience for creators and users. A security...
DRUPAL-CONTRIB-2024-056
Integrates your Drupal website with the Oh Dear monitoring app. Cached data of monitoring results is accessible to non-logged in users when caching is enabled on the module. This vulnerability is mitigated by the fact that it only affects sites where caching is enabled for OhDear report healthche...
PT-2024-29625 · Unknown · Sinec Traffic Analyzer
Name of the Vulnerable Software and Affected Versions: SINEC Traffic Analyzer versions prior to V2.0 Description: The affected application does not properly handle cacheable HTTP responses in the web service, which could allow an attacker to read and modify data stored in the local cache...
CVE-2024-40935
In the Linux kernel, the following vulnerability has been resolved: cachefiles: flush all requests after setting CACHEFILESDEAD In ondemand mode, when the daemon is processing an open request, if the kernel flags the cache as CACHEFILESDEAD, the cachefilesdaemonwrite will always return -EIO, so t...
Denial Of Service (DoS)
drupal/core is vulnerable to Denial Of Service. The vulnerability is caused by visiting install.php, which can cause cached data to become corrupted until caches are rebuilt...
Drupal core Denial of Service
A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt...
GHSA-W333-5F96-MJRR Drupal core Denial of Service
A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt...
Drupal core Denial of Service
A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are rebuilt...
PT-2024-40492 · Packagist · Drupal/Drupal
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: A visit to the install.php endpoint can cause cached data to become corrupted, potentially impairing a site until caches are rebuilt. Recommendations: At the moment, there is no...
SAP Business Objects Business Intelligence Platform 安全漏洞
SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. SAP Business Objects Business Intelligence Platform suffers from a...
ISC BIND Security Vulnerability
ISC BIND is a suite of open source software from ISC that implements the DNS protocol. A security vulnerability exists in ISC BIND versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1, which stems from the fact that clearing a cached database node...
DEBIAN-CVE-2023-43796
Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver. System administrators are encouraged to upgrade to Synapse 1.95.1 or...
PYSEC-2023-230
Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver. System administrators are encouraged to upgrade to Synapse 1.95.1 or...
CVE-2023-5256
In certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading to privilege escalation. This vulnerability only affects sites with the JSON:API module enabled,...
SUSE CVE-2017-7753
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...