243 matches found
USN-4815-1 xrdp vulnerabilities
It was discovered that xrdp did not properly validate certain input in the session manager. A local attacker could possibly use this issue to cause a denial of service or other unspecified impact. CVE-2017-16927 It was discovered that xrdp did not properly initialize PAM session modules. A remote...
CVE-2021-26921
In util/session/sessionmanager.go in Argo CD before 1.8.4, tokens continue to work even when the user account is disabled...
CyberArk Software CyberArk Privileged Session Manager Code Issue Vulnerability
CyberArk Software CyberArk Privileged Session Manager PSM is a software application for privileged session management from CyberArk Software, Israel. The software is a centralized portal that protects privileged users and accounts from accessing target systems, and it is a single solution for...
CVE-2020-25374
CyberArk Privileged Session Manager PSM 10.9.0.15 allows attackers to discover internal pathnames by reading an error popup message after two hours of idle time...
CVE-2020-25374
CyberArk Privileged Session Manager (PSM) 10.9.0.15 is affected by a vulnerability where an error popup disclosed internal pathnames after two hours of idle time. The issue stems from a code/configuration flaw in PSM that allows an attacker to read path information from UI error messages, enablin...
Microsoft Windows Now Playing Session Manager Elevation of Privilege Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the way memory objects are handled in...
CVE-2020-1201
An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory, aka 'Windows Now Playing Session Manager Elevation of Privilege Vulnerability'...
CVE-2020-1201
An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory, aka 'Windows Now Playing Session Manager Elevation of Privilege Vulnerability'...
Privilege escalation
An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory, aka 'Windows Now Playing Session Manager Elevation of Privilege Vulnerability'...
CVE-2020-1201
An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory, aka 'Windows Now Playing Session Manager Elevation of Privilege Vulnerability'...
Windows Now Playing Session Manager Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. ...
QRadar Community Edition 7.3.1.6 Path Traversal
------------------------------------------------------------------------ QRadar session manager path traversal vulnerability ------------------------------------------------------------------------ Yorick Koster, September 2019...
Information Disclosure
github.com/argoproj/argo-cd is vulnerable to information disclosure. The vulnerability exists as it was possible to guess if a username exists through the VerifyUsernamePassword function in sessionmanager.go...
Beego File Session Manager Information Disclosure Vulnerability (CNVD-2019-32482)
Beego is an open source web framework based on the Go language . File Session Manager is one of the file Session Manager. An information disclosure vulnerability exists in File Session Manager in Beego version 1.10.0, which can be exploited by a local attacker to read session files...
Beego File Session Manager Information Disclosure Vulnerability
Beego is an open source web framework based on the Go language . File Session Manager is one of the file Session Manager. An information disclosure vulnerability exists in File Session Manager in Beego version 1.10.0, which can be exploited by a local attacker to read session files...
CVE-2019-16355
The File Session Manager in Beego 1.10.0 allows local users to read session files because of weak permissions for individual files...
CVE-2019-16354
The File Session Manager in Beego 1.10.0 allows local users to read session files because there is a race condition involving file creation within a directory with weak permissions...
CVE-2019-16355
The File Session Manager in Beego 1.10.0 allows local users to read session files because of weak permissions for individual files...
CVE-2019-16354
The File Session Manager in Beego 1.10.0 allows local users to read session files because there is a race condition involving file creation within a directory with weak permissions...
Session fixation
The File Session Manager in Beego 1.10.0 allows local users to read session files because of weak permissions for individual files...