CVE-2025-40778

CVE-2025-40778 affects ISC BIND caching behavior: under certain conditions the resolver accepts forged answer data, enabling cache poisoning. Affected versions include 9.11.0–9.16.50, 9.18.0–9.18.39, 9.20.0–9.20.13, 9.21.0–9.21.12, and corresponding S1/build variants. Public advisories (e.g., ALA...

EUVD-2017-0116

Malware in sbrugna...

EUVD-2021-12321

Malware in sbrugna...

EUVD-2025-18557

Malicious code in bioql PyPI...

CVE-2021-25425

Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component...

PT-2024-36600 · Beego · Beego

Name of the Vulnerable Software and Affected Versions: beego versions prior to 2.3.4 Description: The issue concerns the use of MD5 as a hashing algorithm in beego, which is no longer considered secure due to its vulnerability to collision attacks. This vulnerability can lead to data integrity...

CVE-2024-7295 Hard-coded credentials used for temporary and cache data encryption

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

CVE-2024-7295 Hard-coded credentials used for temporary and cache data encryption

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

Improper Input Validation

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Improper Input Validation of input data stored in the cache. An attacker can manipulate stored data and disrupt the integrity of the cache by injecting malicious input. Remediation Upgrade...

bind: bind9: Assertion failure when serving both stale cache data and authoritative zone content

A flaw was found in the bind9 package, where a client query triggers stale data and also requires local lookups may trigger a assertion failure. This issue results in a denial of service of the bind server...

Assertion failure when serving both stale cache data and authoritative zone content

...

bind: bind9: Assertion failure when serving both stale cache data and authoritative zone content

A flaw was found in the bind9 package, where a client query triggers stale data and also requires local lookups may trigger a assertion failure. This issue results in a denial of service of the bind server...

bind: bind9: Assertion failure when serving both stale cache data and authoritative zone content

A flaw was found in the bind9 package, where a client query triggers stale data and also requires local lookups may trigger a assertion failure. This issue results in a denial of service of the bind server...

CVE-2024-41906

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V2.0. The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache...

CVE-2024-4076 Assertion failure when serving both stale cache data and authoritative zone content

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...

USN-6909-1: Bind vulnerabilities

It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue to cause Bind to become unstable, resulting in a denial of service. CVE-2024-0760 Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large numb...

ISC BIND 安全漏洞

ISC BIND is an ISC open source suite of open source software that implements the DNS protocol. A security vulnerability exists in ISC BIND 9, which stems from an assertion failure when both stale cached data and authoritative zone content are provided...

SUSE CVE-2023-20583

A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information...

CVE-2023-3203 MStore API <= 3.9.6 - Cross-Site Request Forgery to Product Limit Update

The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstoreupdatelimitproduct function. This makes it possible for unauthenticated attackers to update limit the number of product per category to use cache data in home screen via a...

CVE-2023-3203

CVE-2023-3203 affects the WordPress plugin MStore API (versions