Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.7 views

EulerOS 2.0 SP13 : libsoup (EulerOS-SA-2026-2341)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in...

8.2CVSS5.6AI score0.00254EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

TencentOS Server 3: libsoup (TSSA-2026:0368)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0368 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References2
OSV
OSV
added 2026/05/22 1:17 p.m.13 views

OESA-2026-2380 libsoup3 security update

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. Security Fixes: A flaw was found in libsoup. When establishing HTTPS tunnels throu...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/05 5:31 p.m.10 views

Use of Persistent Cookies Containing Sensitive Information

Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Use of Persistent Cookies Containing Sensitive Information in the SESSIONSAVEEVERYREQUEST. An attacker can hijack a user's sessio...

6.5CVSS5.8AI score0.00544EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.4 views

PT-2026-29358

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/emailAllUsers.json.php allows administrators to send HTML emails to every registered user on the platform. While the endpoint verifies admin session status, it does not validate a CSRF token...

6.5CVSS6AI score0.00157EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/17 2:6 p.m.5 views

CVE-2026-0696

In ConnectWise PSA versions older than 2026.1, certain session cookies were not set with the HttpOnly attribute. In some scenarios, this could allow client-side scripts access to session cookie values...

6.5CVSS6.8AI score0.00352EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-25912

Malware in sbrugna...

4.3CVSS4.8AI score0.00989EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/20 12:0 a.m.7 views

PT-2024-9851 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.12 Description: The issue is related to the exposure of user credentials and session cookies in backup files. This is due to incorrect removal of critical data. An attacker could exploit this to revea...

7.5CVSS6.8AI score0.00304EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/10/30 12:0 a.m.7 views

The vulnerability of the Session Cookie Handler component of the Ragic Enterprise Cloud Database platform allows a hacker to obtain user session cookies.

The vulnerability of the Session Cookie Handler component of the Ragic Enterprise Cloud Database platform’s tool for creating customizable databases is related to the lack of authentication for the critical function. Exploiting this vulnerability could allow a malicious actor to obtain user sessi...

10CVSS5.5AI score0.0055EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:33 a.m.4 views

SUSE CVE-2022-1655

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and...

6.5CVSS6.8AI score0.00471EPSS
Exploits0References3
Rows per page
Query Builder