129 matches found
EUVD-2013-4485
Malware in sbrugna...
EUVD-2013-1021
Malware in sbrugna...
EUVD-2013-0547
Malware in sbrugna...
EUVD-2025-3158
Malicious code in bioql PyPI...
PT-2025-36979
Name of the Vulnerable Software and Affected Versions: BLMon affected versions not specified Description: An OS Command Injection issue exists in BLMon that could allow command injection when executed in the operating system console during an SSH session. The issue is related to the improper...
CVE-2025-48462
CVE-2025-48462 describes a login session exhaustion vulnerability that could allow an attacker to consume all available session slots, blocking legitimate users from logging in (impact described as denial of service). Supported by connected sources: for Apache HTTP Server (PT-2025-26676) the affe...
CVE-2025-48462 Login Session Exhaustion
Successful exploitation of the vulnerability could allow an attacker to consume all available session slots and block other users from logging in, thereby preventing legitimate users from gaining access to the product...
CVE-2025-33005
IBM Planning Analytics Local 2.0 and 2.1 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system...
CVE-2020-26713
REDCap 10.3.4 contains a XSS vulnerability in the ToDoList function with parameter sort. The information submitted by the user is immediately returned in the response and not escaped leading to the reflected XSS vulnerability. Attackers can exploit vulnerabilities to steal login session informati...
CVE-2019-10120
On eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16, automatic login configuration aka setAutoLogin can be achieved by continuing to use a session ID after a logout, aka HMCCU-154...
CVE-2013-10012
A vulnerability, which was classified as critical, was found in antonbolling clan7ups. Affected is an unknown function of the component Login/Session. The manipulation leads to sql injection. The name of the patch is 25afad571c488291033958d845830ba0a1710764. It is recommended to apply a patch to...
DEBIAN-CVE-2023-52974
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during iscsiswtcpsessioncreate iscsitcpr2tpoolalloc fails, userspace could be accessing the host's ipaddress attr. If we then free the session via...
CVE-2023-52974 scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during iscsiswtcpsessioncreate iscsitcpr2tpoolalloc fails, userspace could be accessing the host's ipaddress attr. If we then free the session via...
CVE-2025-23363
A vulnerability has been identified in Teamcenter V14.1 All versions, Teamcenter V14.2 All versions, Teamcenter V14.3 All versions V14.3.0.14, Teamcenter V2312 All versions V2312.0010, Teamcenter V2406 All versions V2406.0008, Teamcenter V2412 All versions V2412.0004. The SSO login service of...
CVE-2024-42171
HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session...
CVE-2024-42171
HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session...
CVE-2024-42171
CVE-2024-42171 affects HCL MyXalytics with a session fixation flaw. Attackers can lure victims through crafted URLs containing a session token to access the login session. Public references report a CVSSv3.1 base score of 6.4 (Network, High confidentiality/Integrity impact, User interaction requi...
CVE-2024-42170 HCL MyXalytics is affected by a session fixation vulnerability
HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session...
CVE-2024-42170
CVE-2024-42170 affects HCL MyXalytics and involves a session-fixation vulnerability. The described issue allows an attacker to cause a user’s login session to be tied to a crafted URL containing a session token, potentially compromising confidentiality and integrity of the session. The NVD entry ...
CVE-2024-11208 Apereo CAS login session expiration
A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The exploitati...