Lucene search
K

22 matches found

EUVD
EUVD
added 2026/06/26 1:11 a.m.9 views

EUVD-2026-39600

A bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID cookie in the HTTP headers, and although the method correctly returned an error, the associated session was not invalidated. As a result, the leaked...

4.3CVSS5.8AI score0.00173EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 2:17 p.m.14 views

CVE-2026-56425

The Azure Active Directory AAD authentication implementation contained multiple weaknesses in its OAuth 2.0 authorization flow that could allow attackers to bypass important security guarantees provided by the protocol. The application used the PHP session identifier sessionid as the OAuth state...

9.3CVSS0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/10 5:51 p.m.28 views

CVE-2026-32932 Chamilo LMS has an Open Redirect via Unvalidated 'page' Parameter in Session Course Edit

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Open Redirect vulnerability in the session course edit page allows an attacker to redirect an authenticated administrator to an arbitrary external URL after saving coach assignment changes. The redirect also leaks th...

4.7CVSS0.00178EPSS
Exploits0References3
CVE
CVE
added 2026/02/02 9:16 p.m.16 views

CVE-2025-69207

CVE-2025-69207 concerns Khoj, a self-hosted AI app. Pre-2.0.0-beta.23, an IDOR in the Notion OAuth callback lets an attacker hijack a user’s Notion integration by manipulating the OAuth callback’s state parameter. The endpoint accepts any user UUID without verifying the initiated OAuth flow, enab...

7.1CVSS5.6AI score0.00361EPSS
Exploits1References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000213)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000213 advisory. The Linux kernel 4.x starting from 4.1 and 5.x before 5.0.8 allows Information Exposure partial kernel address disclosure, leading to a KASLR bypass. Specifically, i...

7.5CVSS6.9AI score0.03252EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/08/27 10:20 a.m.2 views

CVE-2025-30038 Session ID leakage in Zone.Identifier of downloaded files

The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream ADS for all files downloaded from potentially untrusted sources...

7.3CVSS6.2AI score0.00157EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.5 views

SUSE SLED15: libruby2_5-2_5 / ruby2.5 / ruby2.5-devel / ruby2.5-devel-extra / etc (SUSE-SU-2025:02739-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02739-1 advisory. - CVE-2025-6442: Fixed readheader HTTP Request Smuggling Vulnerability in WEBrick bsc1245254 -...

6.5CVSS6.6AI score0.00472EPSS
Exploits0References7
OSV
OSV
added 2025/08/08 9:11 a.m.2 views

SUSE-SU-2025:02739-1 Security update for ruby2.5

This update for ruby2.5 fixes the following issues: - CVE-2025-6442: Fixed readheader HTTP Request Smuggling Vulnerability in WEBrick bsc1245254 - CVE-2025-27221: Fixed userinfo leakage in URIjoin, URImerge and URI+ bsc1237805...

6.5CVSS5.7AI score0.00472EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.3 views

Dell EMC ELAN Match-on-Chip FPR solution Security Vulnerability

The Dell EMC ELAN Match-on-Chip FPR solution is an on-chip match-on-chip FPR solution from Dell USA. A security vulnerability exists in previous versions of the Dell EMC ELAN Match-on-Chip FPR solution 3.0.12011.08009 Legacy/3.3.12011.08103 ESS, which stems from a SID leakage vulnerability that c...

6.1CVSS6.7AI score0.00253EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.2 views

SUSE CVE-2019-12746

An issue was discovered in Open Ticket Request System OTRS Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be...

6.5CVSS5AI score0.02018EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/06/01 12:0 a.m.6 views

Nextcloud 安全漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that can be exploited by an attacker to send a user ID to a lookup server when the user is not set to a...

4CVSS5.6AI score0.01205EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/02/24 12:0 a.m.7 views

Jenkins Support Core 信息泄露漏洞

Jenkins Support Core is a Jenkins open source application plugin . Provides in Jenkins to generate support information "bundle" of the basic infrastructure . An information disclosure vulnerability exists in Jenkins Support Core Plugin version 2.72 and earlier. The vulnerability stems from the...

5.3CVSS6AI score0.01206EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2017/08/10 11:3 p.m.6 views

cxf: CXF's STSClient uses a flawed way of caching tokens that are associated with delegation tokens

It was found that the token cacher in Apache cxf uses a flawed way of caching tokens that are associated with the delegation token received from Security Token Service STS. This vulnerability could allow an attacker to craft a token which could return an identifier corresponding to a cached token...

7.5CVSS7.2AI score0.06827EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.45 views

Scientific Linux Security Update : php on SL4.x i386/x86_64

It was discovered that the PHP escapeshellcmd function did not properly escape multi-byte characters which are not valid in the locale used by the script. This could allow an attacker to bypass quoting restrictions imposed by escapeshellcmd and execute arbitrary commands if the PHP script was usi...

10CVSS7.8AI score0.04696EPSS
Exploits3References7
RedHat Linux
RedHat Linux
added 2010/08/04 9:30 p.m.5 views

tomcat handling of cookies

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes "'" as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks...

4.3CVSS5.8AI score0.37497EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/08/04 9:30 p.m.5 views

tomcat handling of cookie values

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the " character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks...

4.3CVSS5.8AI score0.16944EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2009/11/09 3:37 p.m.3 views

Improve cookie parsing for tomcat5

Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle 1 double quote " characters or 2 %5C encoded backslash sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable...

5CVSS6AI score0.62575EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.40 views

RedHat Update for php RHSA-2008:0544-01

Check for the Version of php OpenVAS Vulnerability Test RedHat Update for php RHSA-2008:0544-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

10CVSS9AI score0.04696EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2008/07/16 9:36 a.m.7 views

php session ID leakage

The outputaddrewritevar function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a loca...

4.3CVSS5.9AI score0.03393EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/06/30 3:33 p.m.7 views

tomcat handling of cookie values

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the " character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks...

4.3CVSS5.8AI score0.16944EPSS
Exploits4References4
Rows per page
Query Builder