Lucene search
K

429 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-19846

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00353EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-47778

Malicious code in bioql PyPI...

5.8CVSS6.6AI score0.00644EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-54601

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00223EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.3 views

Digisol DG-GR6821AC Router 安全漏洞

Digisol DG-GR6821AC Router is a WiFi router from Digisol India. A security vulnerability exists in the Digisol DG-GR6821AC Router, which stems from the session cookie not being configured with the Secure and HttpOnly flags, which could lead to a remote attacker obtaining sensitive information...

8.7CVSS6.7AI score0.00273EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/11 12:0 a.m.2 views

Unspecified Vulnerability in Endress+Hauser MEAC300-FNADE4 (CNVD-2025-16350)

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the HttpOnly flag not being set, which can be exploited by an attacker to cause session...

5.3CVSS7AI score0.00353EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/05 12:4 p.m.7 views

CVE-2025-27453

The HttpOnly flag is set to false on the PHPSESSION cookie. Therefore, the cookie can be accessed by other sources such as JavaScript...

5.3CVSS6.4AI score0.00353EPSS
Exploits0References1
OSV
OSV
added 2025/07/03 12:15 p.m.5 views

CVE-2025-27453

The HttpOnly flag is set to false on the PHPSESSION cookie. Therefore, the cookie can be accessed by other sources such as JavaScript...

6.5CVSS5.8AI score0.00353EPSS
Exploits0References6
NVD
NVD
added 2025/07/03 12:15 p.m.5 views

CVE-2025-27453

The HttpOnly flag is set to false on the PHPSESSION cookie. Therefore, the cookie can be accessed by other sources such as JavaScript...

6.5CVSS0.00353EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/07/03 11:29 a.m.6 views

CVE-2025-27453 CVE-2025-27453

The HttpOnly flag is set to false on the PHPSESSION cookie. Therefore, the cookie can be accessed by other sources such as JavaScript...

5.3CVSS7.1AI score0.00353EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/07/03 11:29 a.m.7 views

CVE-2025-27453 CVE-2025-27453

The HttpOnly flag is set to false on the PHPSESSION cookie. Therefore, the cookie can be accessed by other sources such as JavaScript...

5.3CVSS0.00353EPSS
Exploits0References6
CVE
CVE
added 2025/07/03 11:29 a.m.19 views

CVE-2025-27453

CVE-2025-27453 affects Endress+Hauser MEAC300-FNADE4. The underlying issue is an HttpOnly flag misconfiguration on the PHPSESSION cookie, allowing access via JavaScript and enabling potential session hijacking. Public-facing documents consistently describe this as a vulnerability in the MEAC300-F...

6.5CVSS6.5AI score0.00353EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.4 views

PT-2025-27782

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns the HttpOnly flag being set to false on the PHPSESSION cookie, allowing it to be accessed by other sources such as JavaScript. Recommendations: At the moment, there is no...

6.5CVSS5.9AI score0.00353EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.3 views

Endress+Hauser MEAC300-FNADE4 安全漏洞

The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4 that stems from the HttpOnly flag not being set, which can be exploited by an attacker to cause session...

6.5CVSS6.7AI score0.00353EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/06/14 2:24 p.m.5 views

CVE-2025-49189

The HttpOnlyflag of the session cookie "@@" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies...

5.3CVSS5.2AI score0.0025EPSS
Exploits0References1
NVD
NVD
added 2025/06/12 2:15 p.m.8 views

CVE-2025-49189

The HttpOnlyflag of the session cookie "@@" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies...

6.1CVSS0.0025EPSS
Exploits0References6
OSV
OSV
added 2025/06/12 2:15 p.m.2 views

CVE-2025-49189

The HttpOnlyflag of the session cookie "@@" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies...

6.1CVSS5.8AI score
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/06/12 2:3 p.m.4 views

CVE-2025-49189 Cookie missing HttpOnly flag

The HttpOnlyflag of the session cookie "@@" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies...

5.3CVSS6.8AI score0.0025EPSS
Exploits0References6
CVE
CVE
added 2025/06/12 2:3 p.m.45 views

CVE-2025-49189

CVE-2025-49189 describes a flaw where the HttpOnly flag on the session cookie "@@" is set to false, enabling client-side access to cookies and increasing the risk of Cross-Site Scripting. The provided sources indicate a medium impact (CVSS 3.1 base ~6.1; confidentiality/integrity impacts low) wit...

6.1CVSS6.8AI score0.0025EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2025/06/12 2:3 p.m.16 views

CVE-2025-49189 Cookie missing HttpOnly flag

The HttpOnlyflag of the session cookie "@@" is set to false. Since this flag helps preventing access to cookies via client-side scripts, setting the flag to false can lead to a higher possibility of Cross-Side-Scripting attacks which target the stored cookies...

5.3CVSS0.0025EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/06/12 12:0 a.m.7 views

PT-2025-25315

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description The issue concerns the session cookie @@ with its HttpOnly flag set to false. This setting increases the risk of Cross-Side-Scripting attacks targeting stored cookies, as it allows client-side...

6.1CVSS5.4AI score0.0025EPSS
Exploits0References10
Rows per page
Query Builder