Total
28 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32909 | 1 Apple | 1 Iphone Os | 2025-05-06 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved handling of caches. This issue is fixed in iOS 16. An app may be able to access user-sensitive data. | |||||
| CVE-2021-44854 | 1 Mediawiki | 1 Mediawiki | 2025-04-14 | N/A | 5.3 MEDIUM |
| An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The REST API publicly caches results from private wikis. | |||||
| CVE-2024-12314 | 1 Megaoptim | 1 Rapid Cache | 2025-02-24 | N/A | 7.2 HIGH |
| The Rapid Cache plugin for WordPress is vulnerable to Cache Poisoning in all versions up to, and including, 1.2.3. This is due to plugin storing HTTP headers in the cached data. This makes it possible for unauthenticated attackers to poison the cache with custom HTTP headers that may be unsanitized which can lead to Cross-Site Scripting. | |||||
| CVE-2024-49580 | 1 Jetbrains | 1 Ktor | 2024-12-06 | N/A | 5.3 MEDIUM |
| In JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosure | |||||
| CVE-2024-0874 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching. | |||||
| CVE-2023-37486 | 1 Sap | 2 Commerce Cloud, Commerce Hycom | 2024-11-21 | N/A | 5.9 MEDIUM |
| Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted. On successful exploitation there could be a high impact on confidentiality with no impact on integrity and availability of the application. | |||||
| CVE-2022-3292 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | N/A | 4.6 MEDIUM |
| Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8. | |||||
| CVE-2024-41906 | 1 Siemens | 1 Sinec Traffic Analyzer | 2024-08-14 | N/A | 6.5 MEDIUM |
| A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache. | |||||