156 matches found
Mattermost has session spoofing due to lack of single-use consumption of guest magic link tokens enforcement
Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid magic link to establish multiple independent authenticated sessions via concurrent...
GHSA-MH4X-RMRX-3HP4 Mattermost has session spoofing due to lack of single-use consumption of guest magic link tokens enforcement
Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid magic link to establish multiple independent authenticated sessions via concurrent...
Security Updates for Azure DevOps 2022 XSS (February 2026)
The Microsoft Team Foundation Server is missing a security update. It is, therefore, affected by the following vulnerability: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2026-21512 Note that Nessus has not...
Security Updates for Microsoft SharePoint Server Subscription Edition (February 2026)
The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user...
Security Updates for Microsoft SharePoint Server 2019 (February 2026)
The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
Security Updates for Microsoft SharePoint Server 2016 (February 2026)
The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2026-21511,...
Security Updates for Microsoft SharePoint Server 2019 (January 2026)
The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
Security Updates for Microsoft SharePoint Server Subscription Edition (January 2026)
The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitra...
Security Updates for Microsoft SharePoint Server 2016 (January 2026)
The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
CVE-2021-33982
An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3.8.0 and earlier, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions...
Security Updates for Microsoft JDBC driver for MSSQL (October 2025)
The The Microsoft JDBC driver for MSSQL installed on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user...
Security Updates for Microsoft SharePoint Server Subscription Edition (December 2025)
The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by the following vulnerability: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another...
CVE-2025-13086
OpenVPN CVE-2025-13086 involves improper validation of source IP addresses in OpenVPN versions 2.6.0–2.6.15 and 2.7_alpha1–2.7_rc1, allowing a remote attacker to initiate a session from an IP address that did not start the connection, leading to a denial of service for the originating client. Con...
EUVD-2021-0930
Malware in sbrugna...
EUVD-2019-10130
Malware in sbrugna...
EUVD-2009-2739
Malware in sbrugna...
EUVD-2019-13415
Malware in sbrugna...
EUVD-2001-1085
Malware in sbrugna...
EUVD-2014-9021
Malware in sbrugna...
EUVD-2022-29597
Malicious code in bioql PyPI...