CVE-2022-46505

CVE-2022-46505 affects MatrixSSL up to version 4.5.1-open. The issue is a failure to securely validate the SessionID, enabling misuse of an all-zero MasterSecret that can decrypt secret data. Public references in the provided documents consistently tie the vulnerability to MatrixSSL’s SessionID h...

CVE-2022-46505

An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data...

CVE-2022-46505

An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data...

MatrixSSL 安全漏洞

Inside Secure MatrixSSL is an embedded, open-source SSLv3 stack designed for small applications and devices from Inside Secure, France. A security vulnerability exists in MatrixSSL version 4.5.1-open and prior versions that stems from an inability to securely check the SessionID field, which coul...

PT-2023-14952 · Matrixssl · Matrixssl

Name of the Vulnerable Software and Affected Versions: MatrixSSL versions 4.5.1-open and earlier Description: An issue leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data. Recommendations: For MatrixSSL versions...

PT-2022-8062 · Unknown · Catalyst-Plugin-Session

Name of the Vulnerable Software and Affected Versions: Catalyst-Plugin-Session versions up to 0.40 Description: A vulnerability has been found in the function load sessionid of the file lib/Catalyst/Plugin/Session.pm of the component Session ID Handler. The manipulation of the argument sid leads ...

Garage Management System Cross-Site Scripting Vulnerability

Garage Management System is a garage management system developed by Mayuri K. A cross-site scripting vulnerability exists in Garage Management System v1.0, which can be exploited by attackers to inject malicious scripts at /garage/phpaction/createBrand.php and obtain sensitive information such as...

GHSA-W7H9-8WR4-HWQH OpenStack Horizon Session Fixation

Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...

Security Bulletin: IBM Transformation Extender Advanced and IBM Standards Processing Engine are susceptible to a vulnerability in 10x (CVE-2017-1152)

Summary IBM 10x framework does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. Vulnerability Details CVEID: CVE-2017-1152 DESCRIPTION: IBM Sterling Global Integration On-Demand Environment does not properly upda...

Cloud Foundry UAA SessionID present in Audit Event Logs

In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versio...

CVE-2022-26157

An issue was discovered in the web application in Cherwell Service Management CSM 10.2.3. The ASP.NETSessionid cookie is not protected by the Secure flag. This makes it prone to interception by an attacker if traffic is sent over unencrypted channels...

(Pwn2Own) Cisco RV340 upload.cgi sessionid Improper Input Validation Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the sessionid parameter provided to the upload.cgi endpoint...

(Pwn2Own) Cisco RV340 NGINX sessionid Directory Traversal Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the NGINX web server. When parsing the sessionid cooki...

Servisnet Tessa - Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Privilege Escalation Metasploit', 'Description' = %q This module exploits privilege escalation in Servisnet Tessa, triggered by...

CVE-2021-20048

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service DoS and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions...

CVE-2021-20048

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service DoS and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions...

Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability

Kaseya Virtual System/Server Administrator VSA contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

PoC exploit for CVE-2021-26084, a vulnerability in Confluence. T...

TripSpark VEO Transportation SQL Injection

Exploit Title: TripSpark VEO Transportation - 'editOEN' Blind SQL Injection Google Dork: inhtml:"Student Busing Information" Date: 07/27/2021 Exploit Author: Sedric Louissaint @LKn0w Vendor Homepage: https://www.tripspark.com Software Document Link:...

RUSTSEC-2021-0108 Remote memory exhaustion in ckb

In the ckb sync protocol, SyncState maintains a HashMap called 'misbehavior' that keeps a score of a peer's violations of the protocol. This HashMap is keyed to PeerIndex an alias for SessionId, and entries are never removed from it. SessionId is an integer that increases monotonically with every...