Lucene search
+L

31 matches found

CVE
CVE
added 2025/08/29 10:1 a.m.20 views

CVE-2025-4644

CVE-2025-4644 describes a Session Fixation vulnerability in Payload’s SQLite adapter where an attacker could trigger identifier reuse during account creation. The attacker could create an account, store its JWT, delete the account, and later a new user would receive the same identifier, enabling ...

5.3CVSS6.5AI score0.00484EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/29 12:0 a.m.7 views

Payload 授权问题漏洞

Payload is a Headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Payload suffers from an authorization issue vulnerability that stems from SQLite adapters reusing identifiers during account creation, which could lead to a session fixation attack...

5.3CVSS6.4AI score0.00382EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the reuse of msgid after maliciously completing a reopen request, which could result in a read request being...

7.8CVSS6.4AI score0.00282EPSS
Exploits0References5
NVD
NVD
added 2023/06/30 9:15 p.m.36 views

CVE-2023-29147

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier...

5.5CVSS5.5AI score0.00281EPSS
Exploits0References2
Prion
Prion
added 2023/06/30 9:15 p.m.19 views

Design/Logic Flaw

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier...

1.7CVSS5.6AI score0.00281EPSS
Exploits0References2Affected Software2
RedHat Linux
RedHat Linux
added 2023/05/04 1:19 p.m.7 views

libreswan: Malicious IKEv1 Aggressive Mode packets can crash libreswan

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

7.5CVSS6.4AI score0.01175EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/05/04 12:0 a.m.8 views

PT-2023-22636 · Unknown · Shimo Vpn Client

Name of the Vulnerable Software and Affected Versions: Shimo VPN Client for macOS version 5.0.4 Description: An issue in the helper tool of Shimo VPN Client for macOS allows attackers to bypass authentication via PID re-use. Recommendations: For Shimo VPN Client for macOS version 5.0.4, update to...

9.8CVSS9.3AI score0.01087EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.4 views

PT-2022-24784 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: Keycloak affected versions not specified Description: A flaw was found in the offline access scope in Keycloak, affecting users of shared computers more, especially if cookies are not cleared. This issue is due to a lack of root session...

6.8CVSS5.9AI score0.00952EPSS
Exploits0References21
CNNVD
CNNVD
added 2022/11/09 12:0 a.m.56 views

Red Hat Keycloak 代码问题漏洞

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A security vulnerability exists in Red Hat Keycloak offlineaccess, which stems from a lack of root session authentication and reuse of session...

6.8CVSS6.4AI score0.00952EPSS
Exploits0References16
CNNVD
CNNVD
added 2021/04/14 12:0 a.m.7 views

红帽 Red Hat Ceph 授权问题漏洞

Red Hat Ceph is a Linux petabyte-level distributed file system from Red Hat. The main goal of the system is to be designed as a distributed file system without a single point of failure, based on POSIX Portable Operating System Interface, enabling fault-tolerant and seamless data replication. cep...

7.2CVSS7.2AI score0.02128EPSS
Exploits0References21
OSV
OSV
added 2020/06/11 3:15 p.m.2 views

CVE-2020-0203

In freeIsolatedUidLocked of ProcessList.java, there is a possible UID reuse due to improper cleanup. This could lead to local escalation of privilege between constrained processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS5.9AI score
Exploits0References1
Rows per page
Query Builder