
41 matches found

Tenable Nessus
added 2026/01/20 12:0 a.m. · 2 views

MiracleLinux 7 : cups-1.6.3-43.el7 (AXSA:2020-4559:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4559:02 advisory. cups: Local privilege escalation to root due to insecure environment variable handling CVE-2018-4180 cups: Manipulation of cupsd.conf by a local...

CVSS 7.8 · AI score 8.7 · EPSS 0.00115
Exploits: 1 · References: 3

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2019-7004

Malware in sbrugna...

CVSS 7.5 · AI score 7.5 · EPSS 0.00276
Exploits: 0 · References: 3

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2019-8996

Malware in sbrugna...

CVSS 5.3 · AI score 5.6 · EPSS 0.00167
Exploits: 0 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-4645

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 9.4 · EPSS 0.02306
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2022-7693

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 4.7 · EPSS 0.00253
Exploits: 0 · References: 6

RedhatCVE
added 2025/05/22 10:38 a.m. · 3 views

CVE-2019-25091

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRF_COOKIE_HTTPONLY leads to cookie without 'httponly' flag. It is possible to...

CVSS 5.3 · AI score 7 · EPSS 0.00253
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 8:28 a.m. · 2 views

CVE-2019-19375

In Octopus Deploy before 2019.10.7, in a configuration where SSL offloading is enabled, the CSRF cookie was sometimes sent without the secure attribute. The fix for this was backported to LTS versions 2019.6.14 and 2019.9.8...

CVSS 5.3 · AI score 6.9 · EPSS 0.00167
Exploits: 0 · References: 1

SUSE CVE
added 2023/02/15 4:44 a.m. · 2 views

SUSE CVE-2017-9785

Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie...

CVSS 9.8 · AI score 7.5 · EPSS 0.02306
Exploits: 0 · References: 3

Positive Technologies
added 2023/01/20 12:0 a.m. · 3 views

PT-2023-9596 · Sentry +1 · Sentry Sdk +1

Name of the Vulnerable Software and Affected Versions: Sentry SDK versions prior to 1.14.0
Description: The issue is related to the leakage of sensitive cookie values, including session cookies, to Sentry when using the Django integration of the Sentry SDK in a specific configuration. This can...

CVSS 7.6 · AI score 7.2 · EPSS 0.00398
Exploits: 0 · References: 17

Veracode
added 2023/01/12 2:18 a.m. · 9 views

Cross-site Request Forgery (CSRF)

github.com/go-macaron/csrf is vulnerable to Cross-site Request Forgery (CSRF). The vulnerability exists because the Generate function in csrf.go does not set the secure mode for the CSRF cookie as the value is hardcoded to false for the corresponding arguments of SetCookie, allowing an attacker to...

CVSS 7.5 · AI score 3.2 · EPSS 0.0016
Exploits: 0 · References: 5 · Affected Software: 1

OSV
added 2022/12/28 12:30 a.m. · 14 views

GHSA-MWVP-QR62-CVJX nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRF_COOKIE_HTTPONLY leads to cookie without httponly flag. It is possible to...

CVSS 5.3 · AI score 5.3 · EPSS 0.00253
Exploits: 0 · References: 6

Github Security Blog
added 2022/12/28 12:30 a.m. · 19 views

nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRF_COOKIE_HTTPONLY leads to cookie without httponly flag. It is possible to...

CVSS 5.3 · AI score 1.9 · EPSS 0.00253
Exploits: 0 · References: 6 · Affected Software: 1

NVD
added 2022/12/27 11:15 p.m. · 12 views

CVE-2019-25091

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRF_COOKIE_HTTPONLY leads to cookie without 'httponly' flag. It is possible to...

CVSS 5.3 · EPSS 0.00253
Exploits: 0 · References: 4

Prion
added 2022/12/27 11:15 p.m. · 13 views

Cross site request forgery (csrf)

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRF_COOKIE_HTTPONLY leads to cookie without 'httponly' flag. It is possible to...

CVSS 5 · AI score 5.3 · EPSS 0.00253
Exploits: 0 · References: 4 · Affected Software: 1

Cvelist
added 2022/12/27 10:42 p.m. · 16 views

CVE-2019-25091 nsupdate.info CSRF Cookie base.py cookie httponly flag

A vulnerability classified as problematic has been found in nsupdate.info. This affects an unknown part of the file src/nsupdate/settings/base.py of the component CSRF Cookie Handler. The manipulation of the argument CSRF_COOKIE_HTTPONLY leads to cookie without 'httponly' flag. It is possible to...

CVSS 3.7 · AI score 5.3 · EPSS 0.00253
Exploits: 0 · References: 4

CVE
added 2022/12/27 10:42 p.m. · 55 views

CVE-2019-25091

nsupdate.info CSRF Cookie Handler (src/nsupdate/settings/base.py) is affected by CVE-2019-25091. The issue arises from manipulating the CSRF_COOKIE_HTTPONLY setting, causing the CSRF/JWT cookie to be set without the HttpOnly flag. This could enable remote manipulation as described in the vulnerab...

CVSS 5.3 · AI score 4.8 · EPSS 0.00253
Exploits: 0 · References: 4 · Affected Software: 1

Positive Technologies
added 2022/12/27 12:0 a.m. · 1 views

PT-2022-8303 · Unknown · Nsupdate.Info

Name of the Vulnerable Software and Affected Versions: nsupdate.info affected versions not specified
Description: A problematic vulnerability has been found in nsupdate.info, affecting the component CSRF Cookie Handler in the file src/nsupdate/settings/base.py. The manipulation of the argument CS...

CVSS 5.3 · AI score 4.7 · EPSS 0.00253
Exploits: 0 · References: 10

OSV
added 2022/05/24 7:11 p.m. · 18 views

GHSA-JX66-5WW9-M6Q4 Cross-Site Request Forgery in OWASP CSRFGuard

In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token...

CVSS 8.8 · AI score 8.7 · EPSS 0.00141
Exploits: 0 · References: 4

OSV
added 2022/05/17 2:26 a.m. · 21 views

GHSA-MX3Q-J2G2-5QXQ Deserialization of Untrusted Data in NancyFX Nancy

Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie...

CVSS 9.8 · AI score 9.7 · EPSS 0.02306
Exploits: 0 · References: 2

Github Security Blog
added 2022/05/17 2:26 a.m. · 45 views

Deserialization of Untrusted Data in NancyFX Nancy

Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie...

CVSS 9.8 · AI score 5 · EPSS 0.02306
Exploits: 0 · References: 3 · Affected Software: 1