36 matches found
Trend Micro Apex One 安全漏洞
Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has a security vulnerability, which stems from a race condition between the check time and the usage time in its caching mechanism. This vulnerability could allow local...
Authlib 跨站请求伪造漏洞
Authlib is an open-source library developed by Authlib, designed as a ultimate Python library for building OAuth and OpenID Connect servers. Versions of Authlib prior to 1.6.11 contained a cross-site request forgeing vulnerability, which stemmed from the lack of CSRF protection in the caching...
CVE-2025-14806 IBM Planning Analytics Information Disclosure
IBM Planning Analytics Local 2.1.0 through 2.1.17 could allow an attacker to trick the caching mechanism into storing and serving sensitive, user-specific responses as publicly cacheable resources...
CVE-2026-3904
A flaw was found in glibc. When calling NSS-backed functions that support caching via nscd, the nscd client under high load on x8664 systems may call the memcmp function on inputs that are concurrently modified by other processes or threads, causing a crash and resulting in a denial of service...
EUVD-2021-24831
Malware in sbrugna...
CVE-2025-9901
A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. This header ensures that responses vary appropriately based on request headers such as language or authentication. Without this check, cached content can be...
Intel Processors 安全漏洞
Intel Processors is a family of processors from Intel Corporation USA. A security vulnerability exists in Intel Processors that stems from an improperly isolated stream caching mechanism that could lead to elevated privileges...
GHSA-4QJH-9FV9-R85R Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix Caching
This issue arises from the prefix caching mechanism, which may expose the system to a timing side-channel attack. Description When a new prompt is processed, if the PageAttention mechanism finds a matching prefix chunk, the prefill process speeds up, which is reflected in the TTFT Time to First...
CVE-2021-38378
OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified By response to show a person's name...
DNS Cache Poisoning
github.com/coredns/coredns is vulnerable to DNS Cache Poisoning. The vulnerability is due to manipulation of the DNS caching mechanism through a birthday attack, which allows attackers to achieve DNS cache poisoning by injecting fake responses...
Fedora: Security Advisory for cachelib (FEDORA-2023-7934802344)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for cachelib (FEDORA-2023-2a9214af5f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Open-xchange OX App Suite Information Disclosure Vulnerability (CNVD-2021-90765)
Open-xchange OX App Suite is a web-based cloud desktop environment from Open-Xchange Open-xchange, a US-based company that allows users to more intuitively manage email, tasks, files, etc. An information disclosure vulnerability exists in Open-xchange OX App Suite. An information disclosure...
CVE-2021-38378
OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified By response to show a person's name...
CVE-2021-38378
OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified By response to show a person's name...
Information disclosure
OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified By response to show a person's name...
Etherpad SQL注入漏洞
Etherpad-Lite is a web-based open source document editor from the Etherpad Foundation. A security vulnerability exists in Etherpad versions prior to 1.8.3, which stems from a specially designed URI that raises an unhandled exception in the caching mechanism and results in a denial of service...
maltrail
This is a Python script repository for a malicious traffic detection system called Maltrail. The repository contains various files and directories, including configuration files, data storage files, and scripts for data processing and analysis. The script uses a variety of techniques to detect...
CVE-2019-12400
In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this...
Arbitrary Code Injection
xmlsec is vulnerable to arbitrary code injection. An attacker is able to inject arbitrary code via the caching mechanism that was introduced to speed up the creation of new XML documents...