Lucene search
+L

7 matches found

nessus
nessus
added 2026/06/03 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-6873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.http.HttpRequest.getsignedcookie in Django uses a non-injective salt derivation...

4.3CVSS5.8AI score0.00245EPSS
Exploits0References3
redhat
redhat
added 2026/05/26 11:20 a.m.14 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS6.9AI score0.00237EPSS
Exploits0References6
nessus
nessus
added 2025/11/11 12:0 a.m.2 views

RHEL 10 : libsoup3 (RHSA-2025:21032)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21032 advisory. Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup,...

7.5CVSS6.7AI score0.00594EPSS
Exploits0References6
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2015-1232

Malware in sbrugna...

5CVSS6.1AI score0.01764EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2023/01/26 12:0 a.m.6 views

PT-2023-10322 · Devise · Devise

Name of the Vulnerable Software and Affected Versions: Devise versions prior to 3.5.4 Description: The issue concerns the mishandling of Remember Me cookies for sessions, potentially allowing an adversary to gain unauthorized persistent application access. Specifically, the Devise gem generates t...

7.5CVSS7.7AI score0.00618EPSS
Exploits0References10
cnvd
cnvd
added 2020/02/24 12:0 a.m.2 views

D-Link DAP-1330 Certification Bypass Vulnerability

The D-Link DAP-1330 is an N300 Wi-Fi range extender. An authentication bypass vulnerability exists in the handling of HNAP login requests in the D-Link DAP-1330 1.10B01 BETA. The vulnerability stems from a lack of proper cookie handling. An attacker could exploit the vulnerability to execute...

8.8CVSS8AI score0.06544EPSS
Exploits0References1
nessus
nessus
added 2004/07/31 12:0 a.m.37 views

Mandrake Linux Security Advisory : mozilla (MDKSA-2004:021)

A number of vulnerabilities were discovered in Mozilla 1.4 : A malicious website could gain access to a user's authentication credentials to a proxy server. Script.prototype.freeze/thaw could allow an attacker to run arbitrary code on your computer. A vulnerability was also discovered in the NSS...

9.8CVSS5.7AI score0.07643EPSS
Exploits1References7
Rows per page
Query Builder