Lucene search
K

25 matches found

Cvelist
Cvelist
added 2023/10/13 6:15 a.m.25 views

CVE-2023-38251 Adobe Commerce | Uncontrolled Resource Consumption (CWE-400)

Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by a Uncontrolled Resource Consumption vulnerability that could lead in minor application denial-of-service. Exploitation of this issue does not require user interacti...

5.3CVSS5.4AI score0.00671EPSS
Exploits0References1
Veracode
Veracode
added 2023/08/06 2:28 p.m.18 views

Information Disclosure

gitlab is vulnerable to Information Disclosure. The vulnerability occurs because marshalled session keys were being stored in redis, resulting in Cleartext Storage of Sensitive Information...

5.7CVSS6.7AI score0.00189EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2021/04/01 12:0 a.m.6 views

Unspecified Vulnerability in GitLab (CNVD-2021-26101)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions after...

5.7CVSS6.1AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/28 12:0 a.m.3 views

aio-libs aiohttp-session session fixation vulnerability

aio-libs aiohttp-session is an application that supports storing user-specific data into session objects. A session fixation vulnerability exists in the 'RedisStorage' function of RedisStorage in aio-libs aiohttp-session. An attacker can exploit this vulnerability to hijack a session with the hel...

6.5CVSS6.4AI score0.01181EPSS
Exploits1References1
PyPA
PyPA
added 2018/06/26 4:29 p.m.9 views

PYSEC-2018-80

aio-libs aiohttp-session contains a Session Fixation vulnerability in loadsession function for RedisStorage see: https://github.com/aio-libs/aiohttp-session/blob/master/aiohttpsession/redisstorage.pyL42 that can result in Session Hijacking. This attack appear to be exploitable via Any method that...

6.5CVSS6.9AI score0.01181EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder