
10 matches found

ICS
added 2022/12/15 12:0 a.m. | 32 views

Siemens APOGEE/TALON Field Panels

1. EXECUTIVE SUMMARY: CVSS v3 6.5. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Siemens. Equipment: APOGEE PXC/TALON TC. Vulnerabilities: Predictable Exact Value from Previous Values. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to hijack...

CVSS 6.5 | AI score 6.8 | EPSS 0.00422
Exploits: 0 | References: 8

NVD
added 2021/12/13 4:15 a.m. | 9 views

CVE-2021-44151

An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can hijack any existing sessions by bruteforcing the 4 hex-character session cookie on the Windows version (the Linux version appears to have 8 characters). An attacker can obtain the static part of the cooki...

CVSS 7.5 | EPSS 0.00399
Exploits: 2 | References: 3

Cvelist
added 2021/02/09 12:0 a.m. | 22 views

CVE-2020-28388

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus ReadyStart V3 All...

CVSS 6.5 | AI score 6.4 | EPSS 0.00422
Exploits: 0 | References: 4

Prion
added 2020/10/28 7:15 p.m. | 10 views

Session fixation

A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote attackers to hijack recently logged-in users' sessions. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread...

CVSS 7.5 | AI score 9.5 | EPSS 0.02227
Exploits: 1 | References: 2 | Affected Software: 1

UbuntuCve
added 2020/10/28 7:15 p.m. | 19 views

CVE-2020-27739

A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote attackers to hijack recently logged-in users' sessions. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread...

CVSS 9.8 | AI score 7.2 | EPSS 0.02227
Exploits: 1 | References: 3

CNVD
added 2018/11/02 12:0 a.m. | 1 views

Synology Photo Station Session Fixation Vulnerability

Synology Photo Station is a Synology solution for sharing pictures, videos and blogs over the Internet. A session fixation vulnerability exists in SYNO.PhotoStation.Auth in Synology Photo Station versions prior to 6.8.7-3481, which can be exploited by remote attackers to hijack a web session with...

CVSS 6.8 | AI score 6.2 | EPSS 0.00276
Exploits: 0 | References: 1

Tenable Nessus
added 2014/03/05 12:0 a.m. | 100 views

lighttpd < 1.4.34 Multiple Vulnerabilities

According to its banner, the version of lighttpd running on the remote host is prior to 1.4.34. It is, therefore, affected by the following vulnerabilities: - When Server Name Indication (SNI) is enabled, a flaw exists that could cause the application to use all available SSL ciphers, including we...

CVSS 7.6 | AI score 6.8 | EPSS 0.09523
Exploits: 1 | References: 8

UbuntuCve
added 2013/08/16 4:55 p.m. | 25 views

CVE-2013-4128

Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client...

CVSS 6.4 | AI score 5.9 | EPSS 0.00688
Exploits: 0 | References: 2

Vulnerability Lab
added 2012/04/13 12:0 a.m. | 13 views

Microsoft Afkar Web Service - Cross Site Vulnerabilities

Document Title: Microsoft Afkar Web Service - Cross Site Vulnerabilities. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=4797 MSRC ID: 12328nj. Release Date: 2012-04-13. Vulnerability Laboratory ID (VL-ID):...

AI score 7.4
Exploits: 0

Packet Storm
added 2011/11/04 12:0 a.m. | 32 views

Whitehouse.gov Cross Site Scripting

Title: WhiteHouse Gov Service - Persistent Web Vulnerability. Date: 2011-11-04. References: http://www.vulnerability-lab.com/getcontent.php?id=308 VL-ID: 308. Introduction: http://www.whitehouse.gov/ Abstract: The vulnerability-lab researcher...

AI score 7.4
Exploits: 0