Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.9 views

Mageia: Security Advisory (MGASA-2015-0133)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.8AI score0.02183EPSS
Exploits0References4
OSV
OSV
added 2015/06/10 7:30 a.m.4 views

SUSE-SU-2015:1300-1 Security update for novnc

novnc was updated to fix a session hijacking problem through insecurely set session token cookies bnc922233, CVE-2013-7436. Security Issues: CVE-2013-7436...

4.3CVSS6.2AI score0.02183EPSS
Exploits0References3
OSV
OSV
added 2015/04/10 2:59 p.m.4 views

CVE-2013-7436

noVNC before 0.5 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...

6.1AI score
Exploits0References8
OSV
OSV
added 2015/04/10 2:59 p.m.4 views

UBUNTU-CVE-2013-7436

noVNC before 0.5 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...

4.3CVSS5.8AI score0.02183EPSS
Exploits0References3
CVE
CVE
added 2015/04/10 2:0 p.m.77 views

CVE-2013-7436

The CVE concerns noVNC prior to version 0.5, where the secure flag for cookies was not set during HTTPS sessions, enabling cookie interception across HTTP. Affected software: noVNC pre-0.5. Impact: confidentiality risk via session cookies exposed to MITM in mixed HTTP/HTTPS contexts. Public refer...

4.3CVSS6.3AI score0.02183EPSS
Exploits0References8Affected Software1
Mageia
Mageia
added 2015/04/04 10:45 a.m.29 views

Updated novnc packages fix CVE-2013-7436

Updated novnc package fixes security vulnerability: noVNC before 0.5.1 allows an attacker to steal insecurely set session token cookies, hijacking active or inactive VNC sessions CVE-2013-7436...

4.3CVSS3AI score0.02183EPSS
Exploits0References2
Rows per page
Query Builder