Lucene search

7 matches found

EUVD
added 2026/03/17 12:30 p.m., 4 views

EUVD-2026-12558

Apache Airflow versions 3.1.0 through 3.1.7 session token in cookies is set to path=/ regardless of the configured webserver baseurl or api baseurl. This allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowing full...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00031
Exploits: 0, References: 3
Rockylinux
added 2026/02/06 9:08 a.m., 4 views

curl security update

An update is available for curl. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The curl packages provide the libcurl library and the curl utility for...

CVSS: 7.5, AI score: 6.8, EPSS: 0.00275
Exploits: 1
Tenable Nessus
added 2025/12/19 12:00 a.m., 3 views

RockyLinux 8 : curl (RLSA-2025:23383)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:23383 advisory. curl: libcurl: Curl out of bounds read for cookie path (CVE-2025-9086). Tenable has extracted the preceding description block directly from the RockyLinux security...

CVSS: 7.5, AI score: 6.4, EPSS: 0.00275
Exploits: 1, References: 3
Tenable Nessus
added 2025/09/22 12:00 a.m., 1 view

Fedora 41 : curl (2025-4daec13254)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-4daec13254 advisory. - fix Out of bounds read for cookie path (CVE-2025-9086). Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

CVSS: 7.5, AI score: 6.5, EPSS: 0.00275
Exploits: 1, References: 2
CVE
added 2025/09/12 5:10 a.m., 35 views

CVE-2025-9086

CVE-2025-9086 affects curl’s curl/libcurl component. Reports indicate an out-of-bounds read when handling a cookie path for a secure cookie, which can cause a crash or potentially allow memory-read conditions. The vulnerability is documented across multiple advisories and vendor pages, including ...

CVSS: 7.5, AI score: 6.2, EPSS: 0.00275
Exploits: 1, References: 7, Affected Software: 1
CVE
added 2022/11/25 12:00 a.m., 53 views

CVE-2022-41158

Eyoom Builder (Eyoom) contains a path traversal/remote code execution flaw. Affects versions prior to 4.5.4; vulnerability arises from using cookie values as file paths, enabling remote attackers to execute or inject code. Reported across multiple feeds (CNNVD/CVE entries). Remediation cited: upd...

CVSS: 9.8, AI score: 8.6, EPSS: 0.05426
Exploits: 0, References: 1, Affected Software: 1
Huntr
added 2021/09/10 7:09 p.m., 17 views

in getgrav/grav

✍️ Description Developers often set cookies to be accessible from the root context path "/". Doing so exposes the cookie to all web applications on the domain. Since cookies often carry sensitive information such as session identifiers, sharing cookies across applications can lead a vulnerability...

CVSS: 5, AI score: 1.9, EPSS: 0.00294
Exploits: 1