Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.17 views

PT-2026-38408

Name of the Vulnerable Software and Affected Versions microsoft-kiota-http-okHttp versions 1.9.0 and earlier kiota-dotnet affected versions not specified kiota-java affected versions not specified kiota-python affected versions not specified kiota-typescript affected versions not specified...

9.8CVSS5.8AI score0.00505EPSS
Exploits0References331
Snyk
Snyk
added 2025/12/18 8:46 p.m.6 views

Sensitive Cookie in HTTPS Session Without "Secure" Attribute

Overview Kentico.Xperience.Libraries is a package for libraries and applications that use Kentico Xperience API. Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute via the SetValue method in the CookieHelper class. The requireSSL...

6.9CVSS6.8AI score0.00162EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.4 views

PT-2025-35113

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 14.4.2 through 16.4.7 XWiki Platform versions 16.5.0-rc-1 through 16.10.6 XWiki Platform versions 17.0.0-rc-1 through 17.4.0-rc-1 Description: The PDF export jobs store sensitive cookies unencrypted in job statuses. Th...

7.5CVSS6.4AI score0.00341EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2022/05/12 12:0 a.m.3 views

PT-2022-3410 · Unknown +5 · Eventsource +5

Name of the Vulnerable Software and Affected Versions: eventsource/eventsource versions prior to 2.0.2 Description: The issue is related to insufficient protection of sensitive data, allowing a remote attacker to gain unauthorized access to protected information. This is due to the improper remov...

9.4CVSS6.7AI score0.0192EPSS
Exploits1References33
OSV
OSV
added 2020/01/24 4:15 p.m.4 views

UBUNTU-CVE-2019-18900

: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp version...

4CVSS5.8AI score0.00301EPSS
Exploits0References3
Rows per page
Query Builder