7 matches found
CVE-2023-30806
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /cgi-bin/login.cgi endpoint. This is due to...
CVE-2017-7144
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling...
CVE-2017-7144
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling...
Code injection
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling...
CVE-2017-7144
The CVE-2017-7144 entry describes a privacy vulnerability in WebKit affecting iOS prior to 11 and Safari prior to 11, where cookie mishandling could allow remote attackers to track users in Safari Private Browsing. Connected documents confirm the affected component (WebKit) and the privacy impact...
Apple iOS cookie mishandling vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability exists in Apple iOS that allows a remote attacker to set a special cookie for the target device on the target website...
CVE-2007-4752
CVE-2007-4752 affects OpenSSH before 4.7. When OpenSSH fails to create an untrusted X11 cookie, it falls back to a trusted X11 cookie, allowing an X client to be treated as trusted and potentially enabling privilege escalation. The linked Nessus advisories cite OpenSSH pre-4.7 in multiple distrib...