Lucene search
+L

364 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:30 a.m.11 views

CVE-2022-48469

There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers...

6.5CVSS6.8AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:0 p.m.6 views

CVE-2022-33722

Implicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows attacker to access connected device MAC address...

4CVSS6.8AI score0.00088EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:22 p.m.7 views

CVE-2021-41553

In ARCHIBUS Web Central 21.3.3.815 a version from 2014, the Web Application in /archibus/login.axvw assign a session token that could be already in use by another user. It was therefore possible to access the application through a user whose credentials were not known, without any attempt by the...

9.8CVSS7AI score0.01203EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.9 views

CVE-2021-25368

Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed...

7.5CVSS6.8AI score0.0056EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.8 views

CVE-2021-25347

Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed...

5.3CVSS6.8AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:45 p.m.12 views

CVE-2021-38571

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502...

7.8CVSS7AI score0.00547EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:31 p.m.8 views

CVE-2020-24162

The Shenzhen Tencent app 5.8.2.5300 for PC platforms from Tencent App Center has a DLL hijacking vulnerability. Attackers can use this vulnerability to execute malicious code...

7.8CVSS7.2AI score0.00403EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:30 a.m.11 views

CVE-2019-5245

HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing that could execute arbitrary code...

5.3CVSS7.3AI score0.00391EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:39 a.m.7 views

CVE-2012-4581

McAfee Email and Web Security EWS 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway MEG 7.0 before Patch 1, does not disable the server-side session token upon the closing of the Management Console/Dashboard, which makes it easier for remote attackers to hijack sessions by...

6.8CVSS7.1AI score0.01209EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:32 a.m.8 views

CVE-2012-4486

Cross-site request forgery CSRF vulnerability in the Subuser module before 6.x-1.8 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that switch the user to a subuser via unspecified vectors...

6.8CVSS7.7AI score0.00643EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/15 6:9 p.m.14 views

CVE-2023-31358

A DLL hijacking vulnerability in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

7.8CVSS7.4AI score0.00139EPSS
Exploits0References3
NVD
NVD
added 2025/05/13 5:15 p.m.7 views

CVE-2024-36339

A DLL hijacking vulnerability in the AMD Optimizing CPU Libraries could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

7.3CVSS0.00149EPSS
Exploits0References1
CNVD
CNVD
added 2025/05/07 12:0 a.m.6 views

Hostel Management System change-password.php File Session Hijacking Vulnerability

Hostel Management System is a hostel management system. Hostel Management System has a session hijacking vulnerability that stems from improper handling of session data in the file /hostel/change-password.php, no details of the vulnerability are available at this time...

9.1CVSS6.9AI score0.0036EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/11 7:8 p.m.18 views

CVE-2025-2630

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI...

7.8CVSS7.5AI score0.00184EPSS
Exploits0References1
NVD
NVD
added 2025/04/09 7:15 p.m.17 views

CVE-2025-2630

There is a DLL hijacking vulnerability due to an uncontrolled search path that exists in NI LabVIEW. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to insert a malicious DLL into the uncontrolled search path. This vulnerability affects NI...

7.8CVSS0.00184EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/14 10:26 p.m.25 views

CVE-2025-27794

Flarum is open-source forum software. A session hijacking vulnerability exists in versions prior to 1.8.10 when an attacker-controlled authoritative subdomain under a parent domain e.g., subdomain.host.com sets cookies scoped to the parent domain .host.com. This allows session token replacement f...

6.8CVSS6.7AI score0.00463EPSS
Exploits0References1
Hacker One
Hacker One
added 2025/03/13 12:45 p.m.1371 views

Autodesk: Twitter broken link hijacking in thewild.com

A broken link hijacking vulnerability was discovered on thewild.com. The issue was reported and subsequently fixed by Autodesk...

7.1AI score
Exploits0
CVE
CVE
added 2025/03/12 2:0 p.m.74 views

CVE-2025-27794

Summary: CVE-2025-27794 affects Flarum versions prior to 1.8.10, where an attacker-controlled authoritative subdomain can set cookies for the parent domain, potentially enabling session hijacking on sibling subdomains. What is affected: Flarum core (pre-1.8.10) with cookies scoped to a parent dom...

6.8CVSS6.6AI score0.00463EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/03/05 4:14 p.m.52 views

CVE-2025-20206 Cisco Secure Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability

A vulnerability in the interprocess communication IPC channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This...

7.1CVSS0.00172EPSS
Exploits0References1
NVD
NVD
added 2025/02/13 11:15 p.m.13 views

CVE-2025-22960

A session hijacking vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters. Unauthenticated attackers can access exposed log files /logs/debug/xteLog, potentially revealing sensitive session-related information such as session IDs sessid and...

8CVSS0.0039EPSS
Exploits0References1
Rows per page
Query Builder