CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

CNNVD•added 2026/06/10 12:0 a.m.•12 views

Spring Security 输入验证错误漏洞

Spring Security is a security framework developed by Spring OpenSource that includes authentication and authorization features. Spring Security has a vulnerability related to input validation. This vulnerability arises from the use of CookieRequestCache and CookieServerRequestCache, which store...

6.1CVSS5.4AI score0.00211EPSS

Exploits0References2

CVE•added 2026/03/07 4:6 p.m.•8 views

CVE-2026-28678

DSA Study Hub (server/routes/auth.js) is affected. Before commit d527fba, authentication used JWTs stored in HTTP cookies without cryptographic protection of the payload, enabling Insufficiently Protected Credentials. The issue impacts the authentication flow and could allow unauthorized access; ...

9.1CVSS5.7AI score0.00165EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/03/07 4:6 p.m.•28 views

CVE-2026-28678 dsa-hub-server: Clear-Text Storage of Sensitive Data

DSA Study Hub is an interactive educational web application. Prior to commit d527fba, the user authentication system in server/routes/auth.js was found to be vulnerable to Insufficiently Protected Credentials. Authentication tokens JWTs were stored in HTTP cookies without cryptographic protection...

8.1CVSS0.00165EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2012-0868

Malware in sbrugna...

5.5CVSS5.3AI score0.00429EPSS

Exploits0References6

BDU FSTEC•added 2024/06/28 12:0 a.m.•3 views

The vulnerability of Netgear WNR614 N300 Wi-Fi router’s microprogramming software lies in the use of cookies for storing confidential information without the HttpOnly flag. This allows a hacker to disclose the protected information.

The vulnerability of Netgear WNR614 N300 Wi-Fi router’s microprogramming software relates to the use of cookies for storing confidential information without the HttpOnly flag. Exploiting this vulnerability can allow an attacker to disclose the protected information...

7.5CVSS5.4AI score0.0027EPSS

Exploits1References4Affected Software1

Vivaldi Security Advisories•added 2021/12/14 10:48 p.m.•6 views

Minor update (2) for Vivaldi Desktop Browser 5.0

Download Vivaldi The following improvements were made since the first 5.0 stable, minor update: Chromium Upgraded to 96.0.4664.113: includes fix for CVE-2021-4102 Mail Beta Import Email from Opera function is disabled VB-84729 PrivacyPrivate Window Cookies can sometimes get saved to the normal...

8.8CVSS7.2AI score0.07836EPSS

Exploits0References1

UbuntuCve•added 2019/11/19 4:15 p.m.•25 views

CVE-2012-0843

uzbl: Information disclosure via world-readable cookies storage file...

5.5CVSS6.1AI score0.00429EPSS

Exploits0References1

Prion•added 2019/11/19 4:15 p.m.•7 views

Information disclosure

uzbl: Information disclosure via world-readable cookies storage file...

2.1CVSS6.8AI score0.00429EPSS

Exploits0References5Affected Software1

CVE•added 2019/11/19 3:56 p.m.•60 views

CVE-2012-0843

CVE-2012-0843 affects the uzbl browser, where information disclosure arises from a world-readable cookies storage file. Root cause is exposure of cookies data stored in a world-readable file, enabling partial confidentiality impact (C: HIGH in CVSS3.1) with local, low-complexity access and no aut...

5.5CVSS5.2AI score0.00429EPSS

Exploits0References5Affected Software1

Cvelist•added 2019/11/19 3:56 p.m.•35 views

CVE-2012-0843

uzbl: Information disclosure via world-readable cookies storage file...

5.3AI score0.00429EPSS

Exploits0References5