6 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-6760
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150. CVE-2026-6760 Note that Nessus relies o...
CVE-2024-20869
Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies...
Mozilla Firefox Security Advisory (MFSA2023-22) - Linux
The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2023-22. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
GHSA-PX8H-6QXV-M22Q Incorrect parsing of nameless cookies leads to __Host- cookies bypass
Browsers may allow "nameless" cookies that look like =value instead of key=value. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like =Host-test=bad for another subdomain. Werkzeug = 2.2.2 will parse the cookie =Host-test=bad as...
CVE-2023-23934 Wrkzeug's incorrect parsing of nameless cookies leads to __Host- cookies bypass
Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like =value instead of key=value. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like =Host-test=bad for another subdomain...
Mozilla: Reader mode bypassed SameSite cookies
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of requests initiated through the reader mode did not properly omit cookies with a SameSite attribute...