Lucene search
+L

129 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-4485

Malware in sbrugna...

8.5CVSS6.4AI score0.01065EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-1021

Malware in sbrugna...

9.8CVSS6AI score0.00643EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2013-0547

Malware in sbrugna...

7.2CVSS6.4AI score0.00371EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-3158

Malicious code in bioql PyPI...

7.4CVSS8AI score0.0054EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.10 views

PT-2025-36979

Name of the Vulnerable Software and Affected Versions: BLMon affected versions not specified Description: An OS Command Injection issue exists in BLMon that could allow command injection when executed in the operating system console during an SSH session. The issue is related to the improper...

5.8CVSS7AI score0.00503EPSS
Exploits0References4
CVE
CVE
added 2025/06/24 2:8 a.m.25 views

CVE-2025-48462

CVE-2025-48462 describes a login session exhaustion vulnerability that could allow an attacker to consume all available session slots, blocking legitimate users from logging in (impact described as denial of service). Supported by connected sources: for Apache HTTP Server (PT-2025-26676) the affe...

4.2CVSS4.4AI score0.00172EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/06/24 2:8 a.m.10 views

CVE-2025-48462 Login Session Exhaustion

Successful exploitation of the vulnerability could allow an attacker to consume all available session slots and block other users from logging in, thereby preventing legitimate users from gaining access to the product...

4.2CVSS0.00172EPSS
Exploits0References1
OSV
OSV
added 2025/06/01 12:15 p.m.4 views

CVE-2025-33005

IBM Planning Analytics Local 2.0 and 2.1 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system...

8.8CVSS5.8AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:34 p.m.7 views

CVE-2020-26713

REDCap 10.3.4 contains a XSS vulnerability in the ToDoList function with parameter sort. The information submitted by the user is immediately returned in the response and not escaped leading to the reflected XSS vulnerability. Attackers can exploit vulnerabilities to steal login session informati...

6.1CVSS6.1AI score0.01171EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 10:24 a.m.8 views

CVE-2019-10120

On eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16, automatic login configuration aka setAutoLogin can be achieved by continuing to use a session ID after a logout, aka HMCCU-154...

8.8CVSS7AI score0.01283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:28 a.m.6 views

CVE-2013-10012

A vulnerability, which was classified as critical, was found in antonbolling clan7ups. Affected is an unknown function of the component Login/Session. The manipulation leads to sql injection. The name of the patch is 25afad571c488291033958d845830ba0a1710764. It is recommended to apply a patch to...

9.8CVSS7.6AI score0.00643EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 5:15 p.m.2 views

DEBIAN-CVE-2023-52974

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during iscsiswtcpsessioncreate iscsitcpr2tpoolalloc fails, userspace could be accessing the host's ipaddress attr. If we then free the session via...

7.8CVSS5.6AI score0.00277EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 4:43 p.m.11 views

CVE-2023-52974 scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during iscsiswtcpsessioncreate iscsitcpr2tpoolalloc fails, userspace could be accessing the host's ipaddress attr. If we then free the session via...

7.8CVSS5.8AI score0.00277EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2025/02/11 10:29 a.m.4 views

CVE-2025-23363

A vulnerability has been identified in Teamcenter V14.1 All versions, Teamcenter V14.2 All versions, Teamcenter V14.3 All versions V14.3.0.14, Teamcenter V2312 All versions V2312.0010, Teamcenter V2406 All versions V2406.0008, Teamcenter V2412 All versions V2412.0004. The SSO login service of...

7.4CVSS7.3AI score0.0054EPSS
Exploits0References1
OSV
OSV
added 2025/01/11 7:15 a.m.4 views

CVE-2024-42171

HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session...

6.4CVSS5.8AI score0.00236EPSS
Exploits0References1
NVD
NVD
added 2025/01/11 7:15 a.m.14 views

CVE-2024-42171

HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session...

6.4CVSS0.00236EPSS
Exploits0References1
CVE
CVE
added 2025/01/11 6:31 a.m.52 views

CVE-2024-42171

CVE-2024-42171 affects HCL MyXalytics with a session fixation flaw. Attackers can lure victims through crafted URLs containing a session token to access the login session. Public references report a CVSSv3.1 base score of 6.4 (Network, High confidentiality/Integrity impact, User interaction requi...

6.4CVSS6.4AI score0.00236EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/11 6:17 a.m.9 views

CVE-2024-42170 HCL MyXalytics is affected by a session fixation vulnerability

HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session...

6.8CVSS6.8AI score0.00331EPSS
Exploits0References1
CVE
CVE
added 2025/01/11 6:17 a.m.51 views

CVE-2024-42170

CVE-2024-42170 affects HCL MyXalytics and involves a session-fixation vulnerability. The described issue allows an attacker to cause a user’s login session to be tied to a crafted URL containing a session token, potentially compromising confidentiality and integrity of the session. The NVD entry ...

6.8CVSS6.6AI score0.00331EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/14 1:31 p.m.35 views

CVE-2024-11208 Apereo CAS login session expiration

A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The exploitati...

6.3CVSS0.00741EPSS
Exploits1References5
Rows per page
Query Builder