Use of Web Browser Cache Containing Sensitive Information

Overview @astrojs/node is a Deploy your site to a Node.js server Affected versions of this package are vulnerable to Use of Web Browser Cache Containing Sensitive Information via the serve-static.ts component. An attacker can cause legitimate users to receive persistent error responses for static...

Use Of Web Browser Cache Containing Sensitive Information

Drupal core is vulnerable to Use of Web Browser Cache Containing Sensitive Information. The vulnerability is due to improper cache control handling, which allows sensitive information to be stored in browser cache and potentially accessed by unauthorized users...

CVE-2025-13083

Use of Web Browser Cache Containing Sensitive Information vulnerability in Drupal Drupal core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before...

Use of Web Browser Cache Containing Sensitive Information

Overview Affected versions of this package are vulnerable to Use of Web Browser Cache Containing Sensitive Information due to using an incorrect cache-control header. A local attacker can gain unauthorized access to previously downloaded files by retrieving them from the browser's cache...

Use of Web Browser Cache Containing Sensitive Information

Overview com.liferay.portal:com.liferay.portal.impl is a package part of Liferay. Affected versions of this package are vulnerable to Use of Web Browser Cache Containing Sensitive Information due to using an incorrect cache-control header. A local attacker can gain unauthorized access to previous...

EUVD-2013-4803

Malware in sbrugna...

EUVD-2024-0012

Malicious code in bioql PyPI...

CVE-2025-1348 IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy...

CVE-2025-1348

CVE-2025-1348 affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (versions 6.0.0.0–6.1.2.6 and 6.2.0.0–6.2.0.4). The root cause is an improper cache policy that allows a local user to obtain sensitive information from a user’s browser cache. IBM’s advisory lists the CVSSv3.1 base s...

CVE-2013-4959

Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the "no-cache" setting, which might allow local users to obtain sensitive information such as 1 host name, 2 MAC address, and 3 SSH keys via the web browser cache...

PT-2025-15985 · Ibm · Ibm Sterling Control Center

Name of the Vulnerable Software and Affected Versions: IBM Sterling Control Center versions 6.2.1 through 6.4.0 Description: The issue allows web pages to be stored locally, which can then be read by another user on the system, potentially exposing sensitive information. Recommendations: For...

CVE-2024-30130 HCL Nomad server on Domino is affected by a use of web browser cache containing sensitive information vulnerability

HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information...

CVE-2024-30130 HCL Nomad server on Domino is affected by a use of web browser cache containing sensitive information vulnerability

HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information...

BIT-AIRFLOW-2024-25142 Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...

Apache Airflow does not return the "Cache-Control" header for dynamic content

Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...

Use of Web Browser Cache Containing Sensitive Information

Overview mysql2 is a mostly API compatible with mysqljs and supports majority of features. Affected versions of this package are vulnerable to Use of Web Browser Cache Containing Sensitive Information through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon...

Cengage LTI Session Management Leakage

Prior to December 10, 2022, Cengage, an education technology provider in use in many higher education environments primarily in the United States, had two issues in the way it handled session management over its Learning Tools Integration LTI pipeline. The first issue involves leaving unexpectedl...

ICSA-20-072-01_ABB eSOMS

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: eSOMS Vulnerabilities: Use of Web Browser Cache Containing Sensitive Information, Improper Restriction of Rendered UI Layers or Frames, Improper Neutralization of HTTP Headers for...

Design/Logic Flaw

Revive Adserver before 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser cache...

CVE-2015-7368

Revive Adserver before 3.2.2 is affected by CVE-2015-7368: it does not send proper Cache-Control headers for admin UI pages, allowing local users to access cached sensitive information after logout. Affected product/version: Revive Adserver prior to 3.2.2. Root cause: improper header handling lea...