CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

193 matches found

EUVD-2026-36236

A vulnerability was determined in TwiN gatus 5.36.0. Impacted is the function setSessionCookie of the file security/oidc.go of the component OIDC Session Cookie Handler. Executing a manipulation can lead to sensitive cookie without secure attribute. The attack can be launched remotely. This attac...

6.3CVSS4.9AI score0.00024EPSS

Exploits0References6

IBM Security Bulletins•added 2026/04/01 7:9 p.m.•6 views

Security Bulletin: IBM Maximo Application Suite was vulnerable to CVE-2026-4820 because Cookie ltpatoken2_<workspace_name> was not set with secure flag

Summary IBM Maximo Application Suite was vulnerable to CVE-2026-4820 because Cookie ltpatoken2 was not set with secure flag Vulnerability Details CVEID:CVE-2026-4820 DESCRIPTION: IBM Maximo Application Suite does not set the secure attribute on authorization tokens or session cookies. Attackers m...

4.3CVSS5.8AI score0.00015EPSS

Exploits0Affected Software1

Snyk•added 2026/03/25 5:32 p.m.•2 views

Sensitive Cookie in HTTPS Session Without "Secure" Attribute

Overview @grackle-ai/server is a Grackle server orchestrator — spawns and wires core gRPC, web-server HTTP, MCP, and PowerLine Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute in the session process. An attacker can intercept session...

3.1CVSS5.9AI score

Exploits0References2

RedhatCVE•added 2026/01/09 12:31 p.m.•6 views

CVE-2023-4654

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1...

3.5CVSS6.8AI score0.00044EPSS

Exploits1References1

Snyk•added 2025/12/18 8:46 p.m.•4 views

Sensitive Cookie in HTTPS Session Without "Secure" Attribute

Overview Kentico.Xperience.Libraries is a package for libraries and applications that use Kentico Xperience API. Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute via the SetValue method in the CookieHelper class. The requireSSL...

6.9CVSS6.8AI score0.00029EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-5993

Malware in sbrugna...

4.3CVSS6.4AI score0.00769EPSS

Exploits0References10

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-21406

Malware in sbrugna...

5.3CVSS5.5AI score0.001EPSS

Exploits0References2