28 matches found
ZTE Routers - Unauthenticated Denial of Service
Exploit Title: ZTE Routers - Unauthenticated Denial of Service Date: 2026-05-20 Exploit Author: Mina Nageh Salalma Monx Research Vendor Homepage: https://www.zte.com.cn Software Link: https://github.com/minanagehsalalma/cve-2026-34473-unauthenticated-dos-zte-routers Version: Multiple ZTE router...
EUVD-2014-2899
Malware in sbrugna...
EUVD-2014-1171
Malware in sbrugna...
EUVD-2014-1170
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-2875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated based on OS time, which allows remote attackers to hijack arbitrar...
CVE-2014-2875
The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated based on OS time, which allows remote attackers to hijack arbitrary sessions via a brute force attack. NOTE: CVE-2014-10399 and CVE-2014-10400 were SPLIT from this ID...
CVE-2014-10399
The session.lua library in CGILua 5.1.x uses the same ID for each session, which allows remote attackers to hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875...
CVE-2014-2875
The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated based on OS time, which allows remote attackers to hijack arbitrary sessions via a brute force attack. NOTE: CVE-2014-10399 and CVE-2014-10400 were SPLIT from this ID...
DEBIAN-CVE-2014-2875
The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated based on OS time, which allows remote attackers to hijack arbitrary sessions via a brute force attack. NOTE: CVE-2014-10399 and CVE-2014-10400 were SPLIT from this ID...
CVE-2014-10400
The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875...
Code injection
The session.lua library in CGILua 5.1.x uses the same ID for each session, which allows remote attackers to hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875...
Code injection
The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875...
CVE-2014-10400
The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875...
CVE-2014-10400
CVE-2014-10400 affects CGILua’s session.lua in 5.0.x, where sequential session IDs enable remote attackers to predict and hijack arbitrary sessions. The vulnerability stems from the use of predictable session IDs, as noted in the CVE description, and CVE-2014-10400 was SPLIT from CVE-2014-2875. P...
CVE-2014-10400
The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875...
CVE-2014-10399
In CGILua, CVE-2014-10399 stems from the session.lua library using non-unique/weak session IDs across sessions. CGILua 5.1.x creates identical IDs per session, enabling remote hijacking; CGILua 5.0.x uses sequential IDs; 5.2 alpha releases also generate weak IDs. The vulnerability allows session ...
CVE-2014-10399
The session.lua library in CGILua 5.1.x uses the same ID for each session, which allows remote attackers to hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875...
CVE-2014-10399
The session.lua library in CGILua 5.1.x uses the same ID for each session, which allows remote attackers to hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875...
CVE-2014-2875
CVE-2014-2875 refers to the session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2, which uses weak session IDs generated from OS time. This allows remote attackers to hijack arbitrary sessions via brute-force guessing. The issue is documented as a split from CVE-2014-10399 and CVE-2014-10400....
CVE-2014-2875
The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses weak session IDs generated based on OS time, which allows remote attackers to hijack arbitrary sessions via a brute force attack. NOTE: CVE-2014-10399 and CVE-2014-10400 were SPLIT from this ID...