CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

Github Security Blog•added 2026/04/21 3:21 p.m.•5 views

Auth0 Next.js SDK has Improper Proxy Cache Lookup

Description In affected versions of the Next.js SDK, simultaneous requests that trigger a nonce retry may cause the proxy cache fetcher to perform improper lookups for the token request results. Which Projects are Affected? Users are affected if they meet all of the following preconditions: -...

5.4CVSS5.8AI score0.00023EPSS

Exploits0References5Affected Software1

OSV•added 2026/04/21 3:21 p.m.•3 views

GHSA-XQ8M-7C5P-C2R6 Auth0 Next.js SDK has Improper Proxy Cache Lookup

5.4CVSS5.8AI score0.00023EPSS

Exploits0References5

CVE•added 2026/04/17 8:54 p.m.•7 views

CVE-2026-40155

The CVE concerns the Auth0 Next.js SDK. Affected versions: 4.12.0–4.17.1. Issue: when multiple simultaneous requests trigger a nonce retry, the proxy cache fetcher may perform improper lookups for token request results. Impact: affects projects using both the vulnerable SDK versions and the proxy...

5.4CVSS5.7AI score0.00023EPSS

Exploits0References3Affected Software1

Veracode•added 2024/08/28 1:20 a.m.•7 views

Incorrect Input Validation

Apache Traffic Server is vulnerable to Incorrect Input Validation. The vulnerability is caused due to Invalid Accept-Encoding header. This can lead to fail cache lookup and force forwarding requests...

8.2CVSS6.6AI score0.00121EPSS

Exploits0References2Affected Software1

OSV•added 2024/08/16 11:8 a.m.•1 views

OESA-2024-1981 trafficserver security update

Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from...

8.2CVSS7AI score0.00121EPSS

Exploits0References2

RedhatCVE•added 2024/07/29 6:30 a.m.•22 views

CVE-2024-35296

Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue...

6.9AI score0.00121EPSS

Exploits0References4

NVD•added 2024/07/26 10:15 a.m.•18 views

CVE-2024-35296

8.2CVSS0.00121EPSS

Exploits0References2

OSV•added 2024/07/26 10:15 a.m.•1 views

DEBIAN-CVE-2024-35296

8.2CVSS5.2AI score0.00121EPSS

Exploits0References1

OSV•added 2024/07/26 10:15 a.m.•14 views

CVE-2024-35296

8.2CVSS8.1AI score

Exploits0References2

UbuntuCve•added 2024/07/26 10:15 a.m.•17 views

CVE-2024-35296

8.2CVSS5.8AI score0.00121EPSS

Exploits0References3

OSV•added 2024/07/26 10:15 a.m.•0 views

UBUNTU-CVE-2024-35296

8.2CVSS5.8AI score0.00121EPSS

Exploits0References4

Vulnrichment•added 2024/07/26 9:11 a.m.•21 views

CVE-2024-35296 Apache Traffic Server: Invalid Accept-Encoding can force forwarding requests

7.2AI score0.00121EPSS

Exploits0References1

CVE•added 2024/07/26 9:11 a.m.•69 views

CVE-2024-35296

Apache Traffic Server (versions 8.0.0–8.1.10 and 9.0.0–9.2.4) is affected by CVE-2024-35296 due to incorrect handling of the Accept-Encoding header, which can cause cache lookups to fail and lead to forwarding requests. The issue is resolved by upgrading to 8.1.11 or 9.2.5. Certified advisories f...

8.2CVSS6.6AI score0.00121EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/07/26 9:11 a.m.•21 views

CVE-2024-35296 Apache Traffic Server: Invalid Accept-Encoding can force forwarding requests

0.00121EPSS

Exploits0References1

Positive Technologies•added 2024/07/25 12:0 a.m.•1 views

PT-2024-5532 · Apache · Apache Traffic Server

Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 8.0.0 through 8.1.10 Apache Traffic Server versions 9.0.0 through 9.2.4 Description: The issue is related to insufficient input validation, allowing a remote attacker to execute arbitrary requests using the HTTP...

9.1CVSS7.8AI score0.00488EPSS

Exploits0References26

UbuntuCve•added 2022/09/26 12:0 a.m.•43 views

CVE-2022-3204

A vulnerability named 'Non-Responsive Delegation Attack' NRDelegation Attack has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for...

7.5CVSS6.9AI score0.00356EPSS

Exploits0References3

ATTACKERKB•added 2020/12/14 10:15 p.m.•2 views

CVE-2020-0464

In resolvcachelookup of rescache.cpp, there is a possible side channel information disclosure. This could lead to local information disclosure of accessed web resources with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.5CVSS5.6AI score0.00017EPSS

Exploits0References2

OSV•added 2018/12/03 2:29 p.m.•0 views

UBUNTU-CVE-2018-16855

An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash...

7.5CVSS7AI score0.70787EPSS

Exploits0References3

Debian CVE•added 2018/12/03 2:0 p.m.•27 views

CVE-2018-16855

7.5CVSS7.6AI score0.70787EPSS

Exploits0

Talos•added 2016/09/13 12:0 a.m.•147 views

Microsoft Windows10 AHCACHE.SYS Remote Denial Of Service

Summary A denial of service vulnerability exists in the AHCACHE.SYS driver. A specially crafted Portable Executable file can cause a bugcheck in the Windows kernel resulting in remote denial of service. Tested Versions Windows 10, AHCACHE.SYS version 10.0.10586.0 Tested on Windows 10 X86 Product...

7.8CVSS6.7AI score0.18807EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by