Lucene search
K

35 matches found

PyPA
PyPA
added 2024/06/14 9:15 a.m.6 views

PYSEC-2024-195

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow.Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser.This issue affects Apache...

5.5CVSS6.6AI score0.00318EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.4 views

PT-2024-4257 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.9.2 Description: The issue is related to the use of web browser cache containing sensitive information in Apache Airflow. Airflow did not return a "Cache-Control" header for dynamic content, which could resu...

5.5CVSS6.2AI score0.00318EPSS
Exploits0References17
CNNVD
CNNVD
added 2023/10/22 12:0 a.m.3 views

ZEIT Next.js Security Vulnerability

ZEIT Next.js is an open source web application framework from ZEIT based on Vue.js, Node.js, Webpack and Babel.js. A security vulnerability exists in versions prior to Next.js 13.4.20-canary.13 that stems from a missing cache control header, which can lead to a denial of service...

7.5CVSS6.5AI score0.01284EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.6 views

SUSE CVE-2014-3581

The cachemergeheadersout function in modules/cache/cacheutil.c in the modcache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty HTTP Content-Type header...

5CVSS8.7AI score0.13451EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2019/10/11 9:46 a.m.46 views

CVE-2018-5131

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

6.1CVSS2.6AI score0.02323EPSS
Exploits0References2
OSV
OSV
added 2018/06/11 9:29 p.m.1 views

DEBIAN-CVE-2018-5131

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

5.9CVSS8.2AI score0.02323EPSS
Exploits0References1
Prion
Prion
added 2018/06/11 9:29 p.m.18 views

Design/Logic Flaw

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

4.3CVSS6.3AI score0.02323EPSS
Exploits0References11Affected Software9
Debian CVE
Debian CVE
added 2018/06/11 9:0 p.m.25 views

CVE-2018-5131

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

5.9CVSS7.8AI score0.02323EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2018/03/14 12:0 a.m.23 views

CVE-2018-5131

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

5.9CVSS6.9AI score0.02323EPSS
Exploits0References3
OSV
OSV
added 2018/03/14 12:0 a.m.2 views

UBUNTU-CVE-2018-5131

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

5.9CVSS6.9AI score0.02323EPSS
Exploits0References4
Mozilla
Mozilla
added 2018/03/13 12:0 a.m.516 views

Security vulnerabilities fixed in Firefox ESR 52.7 — Mozilla

A buffer overflow can occur when manipulating the SVG animatedPathSegList through script. This results in a potentially exploitable crash. A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandb...

9.8CVSS1.4AI score0.08024EPSS
Exploits3References7Affected Software1
0day.today
0day.today
added 2014/10/28 12:0 a.m.55 views

HttpCombiner ASP.NET - Remote File Disclosure Vulnerability

Exploit for asp platform in category web applications Exploit Title: HttpCombiner ASP.NET Remote File Disclosure Vulnerability Google Dork: filetype:txt intext:HttpCombiner.ashx Date: 2014-10-10 Exploit Author: Hoang Anh Thai Vendor Homepage:...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/12/14 12:0 a.m.31 views

Fedora 20 : mediawiki-1.21.3-1.fc20 (2013-22047)

Kevin Israel Wikipedia user PleaseStand identified and reported two vectors for injecting JavaScript in CSS that bypassed MediaWiki's blacklist CVE-2013-4567, CVE-2013-4568. - Internal review while debugging a site issue discovered that MediaWiki and the CentralNotice extension were incorrectly...

7.5CVSS7.1AI score0.02142EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2013/12/02 12:0 a.m.31 views

Fedora 19 : mediawiki-1.21.3-1.fc19 (2013-21856)

Kevin Israel Wikipedia user PleaseStand identified and reported two vectors for injecting JavaScript in CSS that bypassed MediaWiki's blacklist CVE-2013-4567, CVE-2013-4568. - Internal review while debugging a site issue discovered that MediaWiki and the CentralNotice extension were incorrectly...

7.5CVSS7.1AI score0.02142EPSS
Exploits0References12
OSV
OSV
added 2013/11/26 5:25 a.m.5 views

UBUNTU-CVE-2013-4522

lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain sensitive information by requesting a file that had been previously retrieved by a caching proxy...

5CVSS5.8AI score0.01538EPSS
Exploits1References5
Rows per page
Query Builder