8 matches found

Exploit DB
added 2026/05/21 12:0 a.m., 41 views

solaredge - (CSRF-OOB-Injection)

Titles: solaredge - CSRF-OOB-Injection Author: nu11secur1tyAI Date: 2026-04-26 Vendor: SolarEdge Technologies Ltd. Software: SolarEdge Monitoring Platform - Framework /solaredge-web/ Reference: https://monitoring.solaredge.com/ Description: The solaredge-CSRF-Hijack vulnerability arises due to a...

5.8 AI score
Exploits: 0
SUSE CVE
added 2023/02/15 3:40 a.m., 1 views

SUSE CVE-2021-33621

The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object...

7.5 CVSS, 6.6 AI score, 0.01371 EPSS
Exploits: 1, References: 6
Debian CVE
added 2022/07/22 2:54 p.m., 18 views

CVE-2022-1655

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and...

6.5 CVSS, 6.5 AI score, 0.00192 EPSS
Exploits: 0
OSV
added 2021/01/13 5:15 p.m., 7 views

CVE-2020-15220

Combodo iTop is a web based IT Service Management tool. In iTop before versions 2.7.2 and 3.0.0, two cookies are created for the same session, which leads to a possibility to steal user session. This is fixed in versions 2.7.2 and 3.0.0...

6.1 CVSS, 6.7 AI score
Exploits: 0, References: 1
OSV
added 2018/02/01 11:39 a.m., 6 views

SUSE-SU-2018:0337-1 Security update for libICE

This update for libICE fixes the following issues: - CVE-2017-2626: Creation of the ICE auth session cookies used insufficient randomness, making these cookies predictable. A more random generation method has been implemented. boo1025068...

5.5 CVSS, 5.8 AI score, 0.00091 EPSS
Exploits: 2, References: 3
exploitpack
added 2015/03/01 12:0 a.m., 22 views

Seagate Business NAS 2014.00319 - Remote Code Execution

Seagate Business NAS 2014.00319 - Remote Code Execution !/usr/bin/env python Seagape ======= Seagate Business NAS pre-authentication remote code execution exploit as root user. by OJ Reeves @TheColonial - for full details please see https://beyondbinary.io/advisory/seagate-nas-rce/ Usage =====...

8.1 AI score
Exploits: 0
RedHat Linux
added 2008/08/22 12:10 p.m., 3 views

openssh falls back to the trusted x11 cookie if generation of an untrusted cookie fails

ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted...

7.5 CVSS, 7.2 AI score, 0.02269 EPSS
Exploits: 0, References: 4
seebug.org
added 2008/07/27 12:0 a.m., 16 views

phpWebNews 0.2 MySQL Edition (SQL) Insecure Cookie Handling Vuln

No description provided by source. ...:::::phpwebnews-mysql 0.2 Insecure Cookie Handling Vulnerability ::::.... Virangar Security Team www.virangar.net www.virangar.ir -------- Discoverd By :virangar security teamhadihadi special tnx :my master hadihadi tnx to:MR.nosrati,black.shadowes,MR.hesy &...

7.1 AI score
Exploits: 0