Lucene search
K

53 matches found

CVE
CVE
added 3 days ago32 views

CVE-2026-23556

CVE-2026-23556 affects Xen oxenstored: when tearing down a domain, node data is cleaned but quota usage counts are leaked. On domain ID reuse, a new domain can create fewer nodes before being over quota. Impact is locally exploitable high-severity (CVSS 4.0 base 9.4, HIGH confidentiality, integri...

9.4CVSS5.9AI score0.00137EPSS
Exploits0References3
NVD
NVD
added 2026/06/10 12:16 p.m.15 views

CVE-2026-24067

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by obtaining the client's process identifier and...

8.4CVSS0.00131EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/08 8:59 p.m.15 views

CVE-2026-44422

A flaw was found in FreeRDP. A malicious server can exploit a heap use-after-free or double-free vulnerability in the FreeRDP client's RDPEAR authentication-redirection path. This occurs because the RDPEAR NDR parser incorrectly handles pointer reference IDs, leading to the same heap object being...

8.8CVSS6.3AI score0.00384EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/29 7:41 p.m.12 views

EUVD-2026-33434

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or ownership. When the same ref-id is reused across two...

7.5CVSS5.8AI score0.00384EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/27 9:53 p.m.41 views

CVE-2026-46544 Microsoft UFO reuses client-supplied WebSocket session IDs and replays stale task results to new authenticated requesters

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO accepts client-supplied sessionid values in WebSocket task messages and reuses an existing in-memory session object if that sessionid already exists. If a prior session...

5.3CVSS0.00422EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.13 views

PT-2026-44122

Name of the Vulnerable Software and Affected Versions Microsoft UFO version 3.0.1-4-ge2626659 Description Microsoft UFO is an open-source framework for intelligent automation across devices and platforms. The software accepts client-supplied session id values in WebSocket task messages and reuses...

5.3CVSS5.8AI score0.00422EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability arises from the manaib driver failing to disable vPort RX steering when destroying RSS QP. As a resul...

5.8AI score0.00129EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.8 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities were caused by a range bypass in the Webhook replay buffer deduplication process, which could allow authentication...

5.4CVSS5.9AI score0.00266EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/04/14 1:25 p.m.13 views

Revive Adserver: Session ID reuse allowing XML‑RPC API authentication bypass

Vulnerability description not provided...

4.3CVSS5.8AI score0.0031EPSS
Exploits1
Snyk
Snyk
added 2026/04/02 8:59 p.m.4 views

Replay Attack

Overview @openclaw/zalo is an OpenClaw Zalo channel plugin Affected versions of this package are vulnerable to Replay Attack in the replay deduplication process. An attacker can bypass intended access restrictions by reusing messageId values across authenticated sibling-target delivery paths...

5.4CVSS5.8AI score0.00274EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/03 3:18 p.m.15 views

CVE-2026-24071

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

7.8CVSS5.5AI score0.00146EPSS
Exploits1References1
NVD
NVD
added 2026/02/02 3:16 p.m.7 views

CVE-2022-50975

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled...

8.8CVSS0.00226EPSS
Exploits0References2
OSV
OSV
added 2026/02/02 2:16 p.m.6 views

CVE-2026-24071

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

7.8CVSS5.8AI score0.00146EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/02/02 1:23 p.m.7 views

CVE-2026-24071 XPC Client Validation via PID leading to Local Privilege Escalation in Native Instruments Native Access

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

5.5AI score0.00146EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/02 1:23 p.m.6 views

CVE-2026-24071

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

9.3CVSS5.5AI score0.00146EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/02/02 1:23 p.m.37 views

CVE-2026-24071 XPC Client Validation via PID leading to Local Privilege Escalation in Native Instruments Native Access

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

0.00146EPSS
Exploits1References1
NVD
NVD
added 2026/01/20 4:16 p.m.11 views

CVE-2025-36115

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0.00 through 5.2.0.12 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system...

6.5CVSS0.00135EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/20 3:18 p.m.20 views

CVE-2025-36115 Multiple vulnerabilities were addressed in IBM Sterling Connect:Express for UNIX.

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0.00 through 5.2.0.12 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system...

6.3CVSS0.00135EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/20 3:18 p.m.4 views

CVE-2025-36115

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0.00 through 5.2.0.12 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system...

6.5CVSS5.3AI score0.00135EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/20 4:13 p.m.5 views

CVE-2025-6515 Reuse of session IDs in oatpp-mcp leads to session hijacking and prompt hijacking by remote attackers

The MCP SSE endpoint in oatpp-mcp returns an instance pointer as the session ID, which is not unique nor cryptographically secure. This allows network attackers with access to the oatpp-mcp server to guess future session IDs and hijack legitimate client MCP sessions, returning malicious responses...

6.8CVSS6.5AI score0.00344EPSS
Exploits0References1
Rows per page
Query Builder