Lucene search
K

5 matches found

CNNVD
CNNVD
added 2025/10/28 12:0 a.m.5 views

GitHub Workflow Updater 安全漏洞

GitHub Workflow Updater is a VS Code extension by Richard Tweed Personal Developer. A security vulnerability exists in GitHub Workflow Updater versions prior to 0.0.7, which stems from storing Github tokens in cleartext, which could lead to token disclosure...

3.8CVSS6.5AI score0.00116EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-30269

Malicious code in bioql PyPI...

8.4CVSS6.6AI score0.00287EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2025/09/19 6:46 p.m.9 views

CVE-2025-34188

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 macOS/Linux client deployments contain a vulnerability in the local logging mechanism. Authentication session tokens, including PHPSESSID, XSRF-TOKEN, and laravelsession, are...

8.4CVSS5.7AI score0.00287EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.6 views

PT-2025-38591

Name of the Vulnerable Software and Affected Versions Vasion Print Virtual Appliance Host versions prior to 1.0.735 Vasion Print Application versions prior to 20.0.1330 Description The local logging mechanism in Vasion Print contains a security issue where authentication session tokens, including...

8.4CVSS6.2AI score0.00287EPSS
Exploits1References7
Pen Test Partners Blog
Pen Test Partners Blog
added 2022/09/22 5:9 a.m.33 views

You can’t stop me. MS Teams session hijacking and bypass

How cleartext session tokens are stored in an unsecured directory that can be stolen and used to impersonate a Teams user. TL;DR Microsoft Teams stores unencrypted session tokens and cached conversations in users’ roaming AppData, which can be used by an attacker to gain access to the victim’s...

0.1AI score
Exploits0
Rows per page
Query Builder