Lucene search
+L

4 matches found

OSV
OSV
added 2023/12/07 1:15 a.m.12 views

AZL-32126 CVE-2023-46218 affecting package mysql for versions less than 8.0.35-2

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a...

6.5CVSS6.6AI score0.01685EPSS
Exploits1References1
NVD
NVD
added 2010/12/22 9:0 p.m.15 views

CVE-2010-4591

The Connection Manager in IBM Lotus Mobile Connect LMC before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to obtain access via an unattended client, related to a...

4.4CVSS6.2AI score0.0028EPSS
Exploits0References3
Prion
Prion
added 2010/12/22 9:0 p.m.15 views

Design/Logic Flaw

The Connection Manager in IBM Lotus Mobile Connect LMC before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to obtain access via an unattended client, related to a...

4.4CVSS6.7AI score0.0028EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2010/12/22 8:0 p.m.19 views

CVE-2010-4591

The Connection Manager in IBM Lotus Mobile Connect LMC before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to obtain access via an unattended client, related to a...

6.2AI score0.0028EPSS
Exploits0References3
Rows per page
Query Builder