5 matches found
CVE-2026-40934
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at ~/.local/share/jupyter/runtime/jupyter_cookie_secret and is never rotated when a user changes their password. After a password...
EUVD-2023-51735
Malicious code in bioql PyPI...
Design/Logic Flaw
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Deleted/deactivated user could continue to use their account as long as its cookie is valid. This iss...
PT-2022-7395 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.4 Description: The issue is related to insufficient session expiration in the GLPI system, which can allow a remote attacker to impact the system's integrity. A deleted or deactivated user could continue to use the...
Fedora 10 : phpMyAdmin-3.2.0.1-1.fc10 (2009-7340)
The first security release for phpMyAdmin 3.2.0: - [security] XSS: Insufficient output sanitizing in bookmarks. This version contains a number of small new features and some bug fixes: - [core] better support for vendor customisation based on what Debian needs - [rfe] warn when session.gc_maxlifetime is...