50 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-5080
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints o...
CVE-2026-5080
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...
CVE-2026-5080
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...
UBUNTU-CVE-2026-5080
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...
CVE-2026-5080 Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...
CVE-2026-5080
CVE-2026-5080 affects Dancer::Session::Abstract for Perl up to version 1.3522. The insecure session IDs are generated by summing the absolute pathname’s character codepoints with the process ID, epoch time, and multiple rand() calls, then concatenating the result three times. Factors such as know...
CVE-2026-5080 Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...
CVE-2026-5080
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...
CVE-2026-5080
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...
EUVD-2026-26369
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...
Dancer::Session::Abstract 安全特征问题漏洞
Dancer::Session::Abstract is an abstract module for session management developed by BIGPRESH’s individual developers. Versions of Dancer::Session::Abstract prior to 1.3522 have security vulnerabilities. These vulnerabilities stem from insecure session ID generation, which could allow attackers to...
EUVD-2019-1832
Malware in sbrugna...
EUVD-2012-5462
Malware in sbrugna...
CVE-2019-1010084
Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to ensureauth wrapper result in authentication-checking not being applied to al routes...
Malicious code in dancer-pipeline (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 02d1f4c0f5ff76788a930b3387f90983f8ef4ae8e8b2064c4829e76954feee04 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed the activity ArcaneDoor, attributed it as the handiwork of a previously undocumented sophisticated...
ArcaneDoor Unlocked: Tackling State-Sponsored Cyber Espionage in Network Perimeters
Cisco recently uncovered a sophisticated cyber espionage campaign, ArcaneDoor, targeting perimeter network devices used by government and critical infrastructure sectors. This campaign involves state-sponsored actors exploiting two zero-day vulnerabilities CVE-2024-20353 and CVE-2024-20359 aimed...
Mageia: Security Advisory (MGASA-2013-0183)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-1010084
Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to ensureauth wrapper result in authentication-checking not being applied to al routes...
CVE-2019-1010084
Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to ensureauth wrapper result in authentication-checking not being applied to al routes...