Lucene search

56 matches found

BDU FSTEC
added 2024/07/29 12:0 a.m. | 1 views

The vulnerability of dependency managers for Swift and Objective-C CocoaPods, related to the provision of data elements during an erroneous session, allows a perpetrator to intercept the owner’s session and take control of another person’s CocoaPods trunk account.

The vulnerability of the dependency manager for Swift and Objective-C CocoaPods relates to the provision of data elements during an erroneous session. Exploiting this vulnerability can allow a remote attacker to intercept the user’s session and take control of their CocoaPods trunk account...

8.2 CVSS | 5.9 AI score | 0.04993 EPSS
Exploits 1 | References 4 | Affected Software 1

Cvelist
added 2024/07/26 11:34 a.m. | 15 views

CVE-2024-41684 Cookie Without Secure Flag Set Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system...

6.9 CVSS | 0.00112 EPSS
Exploits 0 | References 1

BDU FSTEC
added 2024/07/22 12:0 a.m. | 1 views

The vulnerability in the web client of IBM Datacap Navigator software for document collection and processing allows attackers to execute cross-site scripting attacks, cache poisoning attacks, or intercept sessions. This vulnerability is related to deficiencies in HTTP request processing.

The vulnerability of the IBM Datacap Navigator web client software for document collection and processing involves shortcomings in the processing of HTTP header requests. Exploiting this vulnerability allows a malicious actor to execute cross-site scripting attacks, cache poisoning attacks, or...

10 CVSS | 5.4 AI score | 0.00168 EPSS
Exploits 0 | References 3 | Affected Software 1

NVD
added 2024/06/14 9:15 a.m. | 13 views

CVE-2024-5996

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits 0

BDU FSTEC
added 2024/06/07 12:0 a.m. | 1 views

The vulnerability of D-Link DI-7003GV2 router microprogramming software, related to improper cleaning or release of resources, allows an intruder to trigger a service failure.

The vulnerability of D-Link DI-7003GV2 router microprogramming software is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures by intercepting TCP/IP sessions...

4.3 CVSS | 5.5 AI score | 0.00095 EPSS
Exploits 1 | References 3

BDU FSTEC
added 2024/05/17 12:0 a.m. | 1 views

The vulnerability of the PHP programming language interpreter, related to incorrect handling of cookie files, allows attackers to intercept sessions and gain unauthorized access to protected information.

The vulnerability of the PHP programming language interpreter relates to the incorrect processing of cookie files, resulting from replacing spaces, periods, and open parentheses with underscores. Exploiting this vulnerability can allow an attacker to intercept sessions and gain unauthorized acces...

6.5 CVSS | 6.4 AI score | 0.08698 EPSS
Exploits 0 | References 12 | Affected Software 6

BDU FSTEC
added 2024/04/16 12:0 a.m. | 1 views

The vulnerability of the ECDSA signature generation component in client software for various remote access protocols allows a hacker to intercept sessions.

The vulnerability of the ECDSA signature generation component in client software for various remote access protocols, such as Putty, is related to the possibility of recovering the secret key. Exploiting this vulnerability allows a malicious actor to intercept sessions by recovering the secret ke...

10 CVSS | 7.1 AI score | 0.23269 EPSS
Exploits 0 | References 19 | Affected Software 6

BDU FSTEC
added 2024/04/15 12:0 a.m. | 1 views

The vulnerability in the implementation of TLS and SSL protocols for the Apple Music app on the Android operating system allows a hacker to intercept the user’s session.

The vulnerability of the TLS and SSL protocols implemented by Apple Music for the Android operating system is related to improper session management. Exploiting this vulnerability can allow a malicious actor to intercept a user’s session...

5.4 CVSS | 5.9 AI score | 0.00152 EPSS
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2024/01/25 12:0 a.m. | 1 views

The vulnerability of cloud software for creating and using Nextcloud Server’s data storage solution lies in the incorrect expiration time of user sessions, which allows attackers to intercept user sessions.

The vulnerability of cloud software for creating and using Nextcloud Server storage solutions is related to incorrect session duration. Exploiting this vulnerability can allow attackers to intercept user sessions...

6.7 CVSS | 6.6 AI score | 0.0005 EPSS
Exploits 0 | References 3 | Affected Software 1

BDU FSTEC
added 2023/10/06 12:0 a.m. | 1 views

The vulnerability of the software for centralized logging, analysis, and storage of logs by Graylog, related to incorrect session duration settings, allows a hacker to intercept a user’s session.

The vulnerability of the Graylog log collection, analysis, and storage software lies in the incorrect duration of the session. Exploiting this vulnerability allows a remote attacker to intercept the user’s session...

3.1 CVSS | 5.4 AI score | 0.00213 EPSS
Exploits 1 | References 3 | Affected Software 1

BDU FSTEC
added 2023/09/25 12:0 a.m. | 2 views

The vulnerability of the libspdm library, related to the absence of an authentication procedure, allows attackers to intercept user sessions.

The vulnerability of the libspdm library is related to the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to intercept a user’s session remotely...

9 CVSS | 7.5 AI score | 0.006 EPSS
Exploits 0 | References 4 | Affected Software 1

BDU FSTEC
added 2023/09/19 12:0 a.m. | 1 views

The vulnerability of the QMS.Mobile module of the quality management software for automobile manufacturers allows a violator to intercept an active session.

The vulnerability of the QMS.Mobile module of the quality management software for automobile manufacturers, QMS Automotive, is related to incorrect session duration. Exploiting this vulnerability could allow an attacker to intercept the active session...

3.9 CVSS | 5.5 AI score | 0.00113 EPSS
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2023/05/24 12:0 a.m. | 1 views

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to intercept an active session.

The vulnerability of the ksmbd module in Linux operating systems is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to intercept an ongoing session...

6.5 CVSS | 6.1 AI score | 0.00046 EPSS
Exploits 0 | References 6 | Affected Software 1

BDU FSTEC
added 2023/04/20 12:0 a.m. | 2 views

The vulnerability of the microprogrammed software of Schneider Electric Ritto Wiser Door sensor, related to information disclosure during data exchange, allows an intruder to intercept the session.

The vulnerability of Schneider Electric Ritto Wiser Door door sensors’ microprogramming software is related to the disclosure of information during data exchange. Exploiting this vulnerability could allow an intruder to intercept a session...

8.3 CVSS | 7.2 AI score | 0.00093 EPSS
Exploits 0 | References 3

BDU FSTEC
added 2021/07/15 12:0 a.m. | 1 views

The vulnerability of the SAP NetWeaver integration platform, related to the lack of measures taken to protect the structure of web pages, allows attackers to intercept administrator or user sessions of web resources.

The vulnerability of the Pmitest server of the SAP NetWeaver software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor, operating remotely, to intercept the session of administrators or...

5.9 CVSS | 5.5 AI score
Exploits 0 | Affected Software 1

BDU FSTEC
added 2021/07/15 12:0 a.m. | 1 views

The vulnerability of the SAP NetWeaver integration platform, related to the lack of measures taken to protect the structure of the web page, allows a hacker to intercept the session of administrators or users of web resources.

The vulnerability of the Ecatt server, a software integration platform for SAP NetWeaver, is related to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor, operating remotely, to intercept the session of...

5.9 CVSS | 5.5 AI score
Exploits 0 | Affected Software 1

BDU FSTEC
added 2021/07/15 12:0 a.m. | 2 views

The vulnerability of the SAP NetWeaver integration platform, related to the lack of measures taken to protect the structure of the web page, allows a hacker to intercept the session of administrators or users of web resources.

The vulnerability of the MDT software integration platform for SAP NetWeaver is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor, operating remotely, to intercept the session of an administrator or user of the w...

5.9 CVSS | 5.5 AI score
Exploits 0 | Affected Software 1

BDU FSTEC
added 2021/07/15 12:0 a.m. | 3 views

The vulnerability of the SAP Business Objects decision support system lies in the lack of measures taken to protect the website structure. This allows attackers to intercept the session of administrators or users of the web resources.

The vulnerability of the SAP Business Objects decision support system lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to intercept administrator or user sessions on the web resources, using specially crafted POST/GET...

6.8 CVSS | 5.5 AI score
Exploits 0 | Affected Software 1

BDU FSTEC
added 2021/07/15 12:0 a.m. | 1 views

The vulnerability of the SAP NetWeaver integration platform, related to the lack of measures taken to protect the structure of the web page, allows a hacker to intercept the session of administrators or users of web resources.

The vulnerability of the ProxyServer server of the SAP NetWeaver software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor, operating remotely, to intercept the session of administrators ...

5.9 CVSS | 5.5 AI score
Exploits 0 | Affected Software 1

BDU FSTEC
added 2020/12/22 12:0 a.m. | 1 views

The vulnerability of the Junos operating system arises from the lack of measures taken to protect the web page structure. This allows attackers to intercept the HTTP/HTTPS session of the target user and perform administrative actions.

The vulnerability of the Junos operating system exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor, operating remotely, to capture the HTTP/HTTPS session of the target user and perform administrative actions...

10 CVSS | 7.6 AI score | 0.01407 EPSS
Exploits 0 | References 3 | Affected Software 1