CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

67 matches found

CVE-2026-5084

WebDyne::Session versions through 2.075 for Perl generates the session id insecurely. The session handler generates the session id from an MD5 hash seeded with a call to the built-in rand function. The rand function is passed a maximum value based on the process id, the epoch time and the referen...

6.5CVSS5.5AI score0.00012EPSS

Exploits0References1

Tenable Nessus•added 2026/05/02 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-5080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints o...

5.9CVSS5.8AI score0.00054EPSS

Exploits0References3

CNNVD•added 2026/04/30 12:0 a.m.•6 views

Dancer::Session::Abstract 安全特征问题漏洞

Dancer::Session::Abstract is an abstract module for session management developed by BIGPRESH’s individual developers. Versions of Dancer::Session::Abstract prior to 1.3522 have security vulnerabilities. These vulnerabilities stem from insecure session ID generation, which could allow attackers to...

5.9CVSS5.8AI score0.00054EPSS

Exploits0References1

CVE•added 2026/04/08 5:53 a.m.•4 views

CVE-2026-5083

CVE-2026-5083 affects the Perl module Ado::Sessions up to version 0.935. The vulnerability stems from generating session IDs with a SHA-1 hash seeded by the built-in rand() function, the epoch time, and the PID. The PID comes from a small set of numbers, and the epoch time may be guessed if not l...

5.3CVSS5.8AI score0.00017EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2026/04/08 12:0 a.m.•4 views

PT-2026-31088

Name of the Vulnerable Software and Affected Versions Ado::Sessions versions through 0.935 Description The Ado::Sessions Perl module generates insecure session IDs. The session ID is created using a SHA-1 hash seeded with the built-in rand function, the epoch time, and the process ID PID. The PID...

5.3CVSS5.8AI score0.00017EPSS

Exploits0References9

ATTACKERKB•added 2026/03/07 12:20 a.m.•1 views

CVE-2026-25072

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a predictable session identifier vulnerability in the /goform/SetLogin endpoint that allows remote attackers to hijack authenticated sessions. Attackers can predict session identifiers using insufficiently random cook...

8.6CVSS5.8AI score0.00202EPSS

Exploits0References3

RedhatCVE•added 2026/03/06 7:55 a.m.•2 views

CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

9.1CVSS5.8AI score0.00029EPSS

Exploits0References1

EUVD•added 2026/03/05 3:31 a.m.•2 views

EUVD-2025-208297

9.1CVSS5.9AI score0.00029EPSS

Exploits0References3

CNNVD•added 2026/03/05 12:0 a.m.•4 views

Apache::Session::Generate::MD5 安全漏洞

Apache::Session::Generate::MD5 is a session management module provided by the Apache Foundation. Versions of Apache::Session::Generate::MD5 prior to 1.94 contained security vulnerabilities. These vulnerabilities stemmed from the use of insecure random number generators for generating session IDs,...

9.1CVSS5.8AI score0.00029EPSS

Exploits0References11

SUSE CVE•added 2026/03/02 12:28 a.m.•2 views

SUSE CVE-2025-40932

Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will...

8.2CVSS5.7AI score0.00043EPSS

Exploits0References3

OSV•added 2026/02/27 12:16 a.m.•4 views

UBUNTU-CVE-2025-40932

8.2CVSS5.8AI score0.00043EPSS

Exploits0References4

Vulnrichment•added 2026/02/26 11:33 p.m.•1 views

CVE-2025-40932 Apache::SessionX versions through 2.01 for Perl create insecure session id

5.9AI score0.00043EPSS

Exploits0References1

OSV•added 2026/02/24 4:24 p.m.•1 views

CVE-2026-27515

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session IDs and hijack authenticated sessions...

9.1CVSS5.8AI score

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2010-4277

Malware in sbrugna...

6.4CVSS6.4AI score0.00253EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2001-1265

Malware in sbrugna...

7.5CVSS6.4AI score0.00147EPSS

Exploits0References4