27 matches found
CVE-2024-1272 Information Disclosure to Source Code in TNB Mobile Solutions' Cockpit Software
Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data. This issue affects Cockpit Software: before v0.251.1...
PT-2023-29206 · Cockpit · Cockpit
Name of the Vulnerable Software and Affected Versions: cockpit versions prior to 2.6.4 Description: The issue is related to Cross-site Scripting XSS - Reflected in the GitHub repository cockpit-hq/cockpit. This type of attack occurs when an application includes user input in its response without...
PT-2023-28732 · Cockpit · Cockpit
Name of the Vulnerable Software and Affected Versions: cockpit versions prior to 2.4.3 Description: The issue is related to Cross-site Scripting XSS - Stored in the GitHub repository cockpit-hq/cockpit. This type of attack occurs when an application stores user input and later displays it without...
PT-2023-16790 · Cockpit · Cockpit
Name of the Vulnerable Software and Affected Versions: cockpit versions prior to 2.4.0 Description: The issue concerns the use of platform-dependent third-party components in the GitHub repository cockpit-hq/cockpit. A patch is available and is anticipated to be part of version 2.4.0...
CVE-2022-2818
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository cockpit-hq/cockpit prior to 2.2.2...
PT-2022-18239 · Cockpit · Cockpit
Name of the Vulnerable Software and Affected Versions: Cockpit versions prior to 2.2.0 Description: The issue is related to insufficient session expiration. The application does not validate requests after password changes, allowing a user to change their account details even after an admin chang...
CVE-2020-35850
An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't think it is a big real-life issue...