4 matches found
AZL-32126 CVE-2023-46218 affecting package mysql for versions less than 8.0.35-2
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a...
CVE-2010-4591
The Connection Manager in IBM Lotus Mobile Connect LMC before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to obtain access via an unattended client, related to a...
Design/Logic Flaw
The Connection Manager in IBM Lotus Mobile Connect LMC before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to obtain access via an unattended client, related to a...
CVE-2010-4591
The Connection Manager in IBM Lotus Mobile Connect LMC before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to obtain access via an unattended client, related to a...