27 matches found
zebra security vulnerability
Zebra is an open-source implementation of Zcash full node written in Rust by the Zcash Foundation. There is a security vulnerability in Zebra, which stems from a logical error in the transaction verification caching mechanism. This vulnerability could potentially allow malicious miners to...
Open-Xchange OX Dovecot Pro security vulnerability
Open-Xchange OX Dovecot Pro is a mail storage and delivery system from Open-Xchange Germany. A security vulnerability exists in Open-Xchange OX Dovecot Pro that stems from the passdb or userdb driver incorrectly caching all users with the same cache key when caching is enabled, causing subsequent...
EUVD-2013-2915
Malware in sbrugna...
EUVD-2023-2767
Malicious code in bioql PyPI...
EUVD-2024-1237
Malicious code in bioql PyPI...
CVE-2025-9901
A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. This header ensures that responses vary appropriately based on request headers such as language or authentication. Without this check, cached content can be...
AZL-67061 CVE-2025-9901 affecting package libsoup 3.0.4-12
A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. This header ensures that responses vary appropriately based on request headers such as language or authentication. Without this check, cached content can be...
PT-2025-27373 · Undefined · Undefined
🚨 Fedora 41 just dropped a critical Moodle security update! ✅ Fixes SSRF, IDOR, and password caching flaws CVE-2025-49513 to CVE-2025-49518. Read more: 👉 https://t.co/Nl2zuUwoVS LinuxSecurity EdTech https://t.co/CACOiVyRhw...
Azure Linux 3.0 Security Update: coredns (CVE-2024-0874)
The version of coredns installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0874 advisory. - A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly...
The vulnerability of the caching mechanism of the declarative delivery tool for GitOps in Kubernetes Argo CD allows attackers to circumvent security restrictions and execute a brute-force attack.
The vulnerability of the caching mechanism for the declarative delivery tool in GitOps for Kubernetes Argo CD lies in the absence of restrictions on authentication attempts when processing the defaultMaxCacheSize parameter. Exploiting this vulnerability allows a malicious actor to bypass security...
SUSE-SU-2023:2263-2 Security update for python-Flask
This update for python-Flask fixes the following issues: - CVE-2023-30861: Fixed a potential cookie confusion due to incorrect caching (bsc#1211246)...
PYSEC-2023-62
Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session...
SUSE CVE-2019-12400
In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this...
OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerabilit...
DEBIAN-CVE-2019-19602
fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching, as demonstrated...
CVE-2019-5756
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...
cxf: CXF's STSClient uses a flawed way of caching tokens that are associated with delegation tokens
It was found that the token cacher in Apache CXF uses a flawed way of caching tokens that are associated with the delegation token received from Security Token Service (STS). This vulnerability could allow an attacker to craft a token which could return an identifier corresponding to a cached token...
CVE-2017-17734
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions...
CVE-2017-5656
CVE-2017-5656 : Apache CXF’s STSClient (before 3.1.11 and 3.0.13) caches delegation-related tokens in a flawed way, enabling an attacker to craft a token that resolves to a cached token identifier belonging to another user. This can bypass security restrictions. The provided documents confirm the...
The vulnerability of the Android operating system allows a hacker to replace the server
The vulnerability of the caching function in the TrustManagerImpl class (TrustManagerImpl.java) of the Conscrypt component in the Android operating system is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to replace servers by accessing...