Lucene search
K

1079 matches found

Cvelist
Cvelist
added 2026/05/08 7:44 a.m.44 views

CVE-2013-10075 Apache::Session versions through 1.94 for Perl re-creates deleted sessions

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

0.00356EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/08 7:44 a.m.10 views

CVE-2013-10075 Apache::Session versions through 1.94 for Perl re-creates deleted sessions

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

5.8AI score0.00356EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/08 7:44 a.m.8 views

CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS5.8AI score0.00356EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.16 views

PT-2026-38683

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB File will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS5.8AI score0.00356EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2013-10075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile...

9.1CVSS5.5AI score0.00356EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 7:54 p.m.36 views

CVE-2026-40325 Masa CMS CSRF in content restoration allows unauthorized restoration of deleted content

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.restore function does not properly validate anti-CSRF tokens for content restoration requests. An attacker can trick a logged-in administrator to submit a forged request that restores deleted...

8.7CVSS0.00151EPSS
Exploits0References1
CVE
CVE
added 2026/05/06 7:54 p.m.14 views

CVE-2026-40325

Summary: CVE-2026-40325 affects Masa CMS (fork of Mura CMS). In versions up to 7.5.2, the cTrash.restore function fails to validate anti-CSRF tokens, allowing an attacker to lure a logged-in administrator into a forged request that restores deleted items and places them at an attacker-controlled ...

8.7CVSS5.7AI score0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/06 7:54 p.m.6 views

CVE-2026-40325 Masa CMS CSRF in content restoration allows unauthorized restoration of deleted content

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.restore function does not properly validate anti-CSRF tokens for content restoration requests. An attacker can trick a logged-in administrator to submit a forged request that restores deleted...

8.7CVSS5.7AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.16 views

PT-2026-37251

Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.5.3 Description An issue exists in the identity-based secrets management system where an initial failure during namespace deletion causes subsequent retries to fail to remove all data before the namespace is marked ...

7.5CVSS5.8AI score0.00248EPSS
Exploits0References7
OSV
OSV
added 2026/04/29 12:16 p.m.3 views

DEBIAN-CVE-2026-22740

A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are...

6.5CVSS5.8AI score0.00344EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/26 12:0 a.m.6 views

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014340 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: prevent use of deleted inode syzbot reported a WARNING in nilfsrmdir. 1 Because the inode...

5.5CVSS5.5AI score0.00254EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/25 11:40 p.m.3 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization via the GetNoteByID function. An attacker can access notes and assets from soft-deleted public books by directly querying endpoints with known note IDs or slug paths, even after the book has been deleted. This...

6.9CVSS5.7AI score0.00194EPSS
Exploits0References2
OSV
OSV
added 2026/04/25 11:40 p.m.6 views

GHSA-3GR9-485J-V4XF Note Mark: Unauthenticated read of notes and assets in soft-deleted public books

Summary After a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/id, /api/notes/id/content, the slug URL, and the asset endpoints. Unauthenticated callers who hold the note ID or the slug path retain access. GORM's soft-delete scope does not...

5.3CVSS5.8AI score0.00194EPSS
Exploits0References5
Malwarebytes
Malwarebytes
added 2026/04/23 10:27 a.m.15 views

Apple fixes iOS bug that kept deleted notifications, including chat previews

Apple has released a software update that deals with an issue that could allow deleted notifications to be retrieved. Something that, in at least one reported case, was used by law enforcement during forensic analysis. Apple fixed the issue in iOS and iPadOS versions 18.7.8 and 26.4.2 check...

6.2CVSS5.8AI score0.0288EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/04/23 8:6 a.m.8 views

Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages

Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device. The vulnerability, tracked as CVE-2026-28950 CVSS score: N/A, has been described as a logging issue that has been addressed with improved dat...

5.7AI score0.0288EPSS
Exploits0
NVD
NVD
added 2026/04/22 7:17 p.m.7 views

CVE-2026-28950

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 15.8.8 and iPadOS 15.8.8, iOS 16.7.16 and iPadOS 16.7.16, iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2, iPadOS 17.7.11. Notifications marked for deletion could be unexpectedly retained on the devi...

6.2CVSS0.0288EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/04/22 6:22 p.m.6 views

CVE-2026-28950

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2. Notifications marked for deletion could be unexpectedly retained on the device...

5.8AI score0.0288EPSS
Exploits0References3
Apple
Apple
added 2026/04/22 12:0 a.m.75 views

About the security content of iOS 18.7.8 and iPadOS 18.7.8

About the security content of iOS 18.7.8 and iPadOS 18.7.8 This document describes the security content of iOS 18.7.8 and iPadOS 18.7.8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

6.2CVSS5.8AI score0.0288EPSS
Exploits0References1Affected Software2
Apple
Apple
added 2026/04/22 12:0 a.m.25 views

About the security content of iOS 26.4.2 and iPadOS 26.4.2

About the security content of iOS 26.4.2 and iPadOS 26.4.2 This document describes the security content of iOS 26.4.2 and iPadOS 26.4.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

6.2CVSS5.8AI score0.0288EPSS
Exploits0References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010965)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010965 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not ignore genmask when looking up chain by id When adding a rule to a...

7.8CVSS6.2AI score0.00153EPSS
Exploits0References4
Rows per page
Query Builder