Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

Positive Technologies
Positive Technologiesadded 2021/08/31 12:0 a.m.1 views

PT-2021-20548 · Pepperl+Fuchs · Wirelesshart Gateway

Name of the Vulnerable Software and Affected Versions: PEPPERL+FUCHS WirelessHART-Gateway versions 3.0.8 through 3.0.9 Description: The issue concerns the absence of the HttpOnly attribute on a cookie, allowing its value to be accessed or modified by client-side JavaScript. This could potentially...

3.3CVSS4.4AI score0.00047EPSS
Exploits0References3
CNNVD
CNNVDadded 2021/08/31 12:0 a.m.2 views

Pepperl Fuchs WirelessHART-Gateway安全漏洞

Pepperl Fuchs WirelessHART-Gateway is a gateway device from Pepperl Fuchs, Germany. A security vulnerability exists in Pepperl Fuchs WirelessHART-Gateway versions 3.0.8 and 3.0.9 that stems from the HttpOnly attribute not being set on a cookie. An attacker can exploit the vulnerability to read or...

3.3CVSS5.4AI score0.00047EPSS
Exploits0References4
Prion
Prionadded 2019/12/12 2:15 p.m.13 views

Cross site scripting

A vulnerability was found in 3scale before version 2.6, did not set the HTTPOnly attribute on the user session cookie. An attacker could use this to conduct cross site scripting attacks and gain access to unauthorized information...

3.5CVSS5.5AI score0.00313EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2018/09/18 2:29 a.m.7 views

CVE-2018-16958

An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The ASP.NETSessionID primary session cookie, when Internet Information Services IIS with ASP.NET is used, is not protected with the HttpOnly attribute. The attribute cannot be enabled by customers. Consequently, this cookie is...

5.8CVSS5.2AI score0.00206EPSS
Exploits0References2
Prion
Prionadded 2018/09/18 2:29 a.m.11 views

Buffer overflow

An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The ASP.NETSessionID primary session cookie, when Internet Information Services IIS with ASP.NET is used, is not protected with the HttpOnly attribute. The attribute cannot be enabled by customers. Consequently, this cookie is...

5.8CVSS5.3AI score0.00206EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2018/06/16 9:31 p.m.20 views

Security Bulletin: IBM QRadar Incident Forensics is vulnerable to session highjacking. (CVE-2015-1994)

Summary IBM QRadar incident forensics authorization cookie is missing the httponly attribute. Vulnerability Details CVE-ID: CVE-2015-1994 Description: IBM Qradar Incident Forensics could allow a remote attacker to obtain sensitive information, caused by the failure to set the httponly attribute f...

5CVSS1.3AI score0.00225EPSS
Exploits0Affected Software1
securityvulns
securityvulnsadded 2014/03/31 12:0 a.m.92 views

ESA-2014-016: EMC VPLEX Multiple Vulnerabilities

ESA-2014-016.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-016: EMC VPLEX Multiple Vulnerabilities EMC Identifier: ESA-2014-016 CVE Identifier: See below for individual CVEs Severity Rating: CVSS v2 Base Score: See below for individual CVSS scores Affected products: All versions from...

9CVSS0.4AI score0.41981EPSS
Exploits16
Rows per page
Query Builder