CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-4070

Malware in sbrugna...

7.5CVSS7.6AI score0.0045EPSS

Exploits0References7

OSV•added 2020/04/15 4:15 p.m.•13 views

CVE-2020-11729

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Long-term session cookies, uses to provide long-term session continuity, are not generated securely, enabling a brute-force attack that may be successful...

9.8CVSS6.5AI score

Exploits0References4

Prion•added 2020/04/15 4:15 p.m.•13 views

Design/Logic Flaw

7.5CVSS9.2AI score0.00472EPSS

Exploits1References4Affected Software2

Cvelist•added 2020/04/15 3:37 p.m.•14 views

CVE-2020-11728

An issue was discovered in DAViCal Andrew's Web Libraries AWL through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time and the incrementing sessionid can impersonate a session...

8.4AI score0.0045EPSS

Exploits0References5

CVE•added 2020/04/15 3:37 p.m.•65 views

CVE-2020-11728

CVE-2020-11728 affects DAViCal Andrew's Web Libraries (AWL) up to version 0.60. The flaw is weak session management: session keys are not hard-to-guess, enabling impersonation via guessed microsecond time and incrementing session_id. Debian/DSA-4660-1 and USN-4539-1 describe fixed versions (e.g.,...

7.5CVSS7.3AI score0.0045EPSS

Exploits0References5Affected Software1

CVE•added 2020/04/15 3:37 p.m.•75 views

CVE-2020-11729

CVE-2020-11729 affects DAViCal Andrew's Web Libraries (AWL) up to version 0.60. Long-term session cookies are not generated securely, enabling a brute-force-style session hijack. Debian/DLA-2178-1 fixes these issues by updating awl to 0.60-1+deb10u1 (and earlier 0.57-1+deb9u1). If deploying AWL, ...

9.8CVSS9.1AI score0.00472EPSS

Exploits1References4Affected Software1

Cvelist•added 2020/04/15 3:37 p.m.•13 views

CVE-2020-11729

9.3AI score0.00472EPSS

Exploits1References4