Lucene search

9 matches found

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2008-2553

Malware in sbrugna...

CVSS: 5, AI score: 6.4, EPSS: 0.01064
Exploits: 0, References: 3
EUVD
added 2025/10/07 12:30 a.m., 8 views

EUVD-2008-3733

Malware in sbrugna...

CVSS: 7.5, AI score: 6.1, EPSS: 0.0255
Exploits: 0, References: 6
CVE
added 2025/09/09 7:32 p.m., 16 views

CVE-2025-36011

CVE-2025-36011 affects IBM Jazz for Service Management versions 1.1.3.0–1.1.3.24. The underlying issue is that authorization tokens and session cookies are stored without the Secure attribute, enabling cookie disclosure if a user is directed to or visits an insecure HTTP link. This could allow an...

CVSS: 4.3, AI score: 6, EPSS: 0.00165
Exploits: 0, References: 1, Affected Software: 1
RedhatCVE
added 2019/10/04 8:25 p.m., 20 views

CVE-2008-3747

The (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php in WordPress before 2.6.1 do not force SSL communication in the intended situations, which might allow remote attackers to gain administrative access by sniffing the network for a cookie...

CVSS: 7.5, AI score: 7.2, EPSS: 0.0255
Exploits: 0, References: 3
Packet Storm
added 2011/06/12 12:0 a.m., 17 views

Facebook Session Sidejacking

Recently, there was a vulnerability discovered in LinkedIn, which is described here: http://www.wtfuzz.com/blogs/linkedin-ssl-cookie-vulnerability/. Basically, this allows someone in the network to sniff a cookie value and apply it in his browser session to hijack the target's user session. This simple...

Exploits: 0
OSV
added 2008/08/27 3:21 p.m., 5 views

CVE-2008-3747

The (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php in WordPress before 2.6.1 do not force SSL communication in the intended situations, which might allow remote attackers to gain administrative access by sniffing the network for a cookie...

AI score: 6.7
Exploits: 0, References: 5
Positive Technologies
added 2008/06/05 12:0 a.m., 4 views

PT-2008-4013 · Cre Loaded · Cre Loaded

Name of the Vulnerable Software and Affected Versions: CRE Loaded versions 6.2.13.1 and earlier
Description: The issue is related to the handling of cookies over HTTPS. Specifically, the software does not set the "Secure" attribute for cookies sent over HTTPS, which could allow remote attackers t...

CVSS: 5, AI score: 6.6, EPSS: 0.01064
Exploits: 0, References: 3
RedHat Linux
added 2005/10/05 11:54 a.m., 7 views

openssh may set DISPLAY even if it's unable to listen on respective port

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 IPv4 and sniffing a cookie sent by Emacs...

CVSS: 6.9, AI score: 7.1, EPSS: 0.00346
Exploits: 1, References: 4
CVE
added 2002/02/02 5:0 a.m., 56 views

CVE-2001-0911

CVE-2001-0911 affects PHP-Nuke 5.1, where user and administrator passwords are stored in a base-64 encoded cookie. This could allow remote attackers to gain privileges by stealing/sniffing the cookie and decoding it. The connected sources corroborate the cookie-based credential exposure, but no p...

CVSS: 7.5, AI score: 6.9, EPSS: 0.03871
Exploits: 0, References: 3, Affected Software: 2