47 matches found

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2018-3733

Malware in sbrugna...

CVSS 10 | AI score 9.4 | EPSS 0.36516
Exploits 1 | References 3

EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2022-38899

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.3 | EPSS 0.01117
Exploits 1 | References 4

OSV
added 2025/06/20 3:15 p.m., 4 views

CVE-2025-3319

IBM Spectrum Protect Server 8.1 through 8.1.26 could allow an attacker to bypass authentication due to improper session authentication, which can result in access to unauthorized resources...

CVSS 9.8 | AI score 5.8 | EPSS 0.00322
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 2:49 a.m., 9 views

CVE-2018-11714

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of...

CVSS 10 | AI score 7.1 | EPSS 0.36516
Exploits 1 | References 1

CNNVD
added 2025/04/28 12:00 a.m., 13 views

PHPGurukul Hostel Management System security vulnerability

Hostel Management System is a hostel management system. Hostel Management System has a session hijacking vulnerability that stems from improper handling of session data in the file /hostel/change-password.php. No details of the vulnerability are available at this time...

CVSS 9.1 | AI score 6.9 | EPSS 0.0038
Exploits 1 | References 3

CNNVD
added 2025/03/03 12:00 a.m., 4 views

ZOHO ManageEngine ADSelfService Plus authorization issue vulnerability

ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. A security vulnerability exists in ZOHO ManageEngine ADSelfService Plus 6510 and prior versions that stems from improper session...

CVSS 8.1 | AI score 9 | EPSS 0.01426
Exploits 0 | References 2

Veracode
added 2025/01/13 9:00 a.m., 8 views

Session Fixation

NiceGUI is vulnerable to Session Fixation. The vulnerability is due to improper session handling, where authenticating with NiceGUI logged in the user across all browsers, including those in incognito mode...

CVSS 7.5 | AI score 7 | EPSS 0.00368
Exploits 0 | References 4 | Affected Software 1

Veracode
added 2024/06/20 7:32 a.m., 17 views

Insecure Authentication

magento/community-edition is vulnerable to Insecure authentication. The vulnerability is due to improper session handling that allows an unauthenticated user to append arbitrary session IDs which will not be invalidated by subsequent authentication, allowing attackers to hijack or manipulate user...

CVSS 9.8 | AI score 6.9 | EPSS 0.0214
Exploits 0 | References 4 | Affected Software 1

Vulnrichment
added 2024/04/08 3:39 p.m., 16 views

CVE-2024-31447 Shopware has Improper Session Handling in store-api

Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Starting in version 6.3.5.0 and prior to versions 6.6.1.0 and 6.5.8.8, when an authenticated request is made to POST /store-api/account/logout, the cart will be cleared, but the User won't be logged out. This affects only...

CVSS 5.3 | AI score 6.8 | EPSS 0.00499
Exploits 0 | References 3

Cvelist
added 2024/04/08 3:39 p.m., 38 views

CVE-2024-31447 Shopware has Improper Session Handling in store-api

Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Starting in version 6.3.5.0 and prior to versions 6.6.1.0 and 6.5.8.8, when an authenticated request is made to POST /store-api/account/logout, the cart will be cleared, but the User won't be logged out. This affects only...

CVSS 5.3 | AI score 5.4 | EPSS 0.00499
Exploits 0 | References 3

OpenVAS
added 2023/12/20 12:00 a.m., 23 views

Mageia: Security Advisory (MGASA-2023-0352)

The remote host is missing an update for the ...

CVSS 9.8 | AI score 9.6 | EPSS 0.01117
Exploits 2 | References 4

Veracode
added 2023/09/05 8:07 a.m., 21 views

Improper Session Handling

xrdp is vulnerable to Improper Session Handling. This vulnerability can be exploited by an attacker to bypass OS-level session restrictions. For example, an attacker could use this vulnerability to establish multiple concurrent sessions to a system, even if the system is configured to only allow ...

CVSS 6.5 | AI score 6.8 | EPSS 0.00728
Exploits 0 | References 8 | Affected Software 1

Cvelist
added 2023/08/15 6:25 p.m., 16 views

CVE-2023-4337 Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation...

AI score 9.7 | EPSS 0.00588
Exploits 0 | References 1

Vulnrichment
added 2023/08/15 6:25 p.m., 11 views

CVE-2023-4337 Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation...

AI score 7.2 | EPSS 0.00588
Exploits 0 | References 1

CVE
added 2023/08/15 6:25 p.m., 37 views

CVE-2023-4337

CVE-2023-4337 affects the Broadcom RAID Controller web interface. The vulnerability arises from improper session handling of gateway-installed managed servers. Based on NVD metrics, it is a CRITICAL issue (CVSS v3.1: 9.8) with network access, no user interaction required, and high impact to confi...

CVSS 9.8 | AI score 9.6 | EPSS 0.00588
Exploits 0 | References 2 | Affected Software 1

Veracode
added 2023/08/06 10:02 p.m., 25 views

Improper Session Handling

fusiondirectory is vulnerable to Improper Session Handling. The vulnerability exists due to lack of validations in fusiondirectory package which allows an attacker to reuse old session credentials or session IDs for authorization...

CVSS 9.8 | AI score 6.8 | EPSS 0.01117
Exploits 1 | References 4 | Affected Software 1

Tenable Nessus
added 2023/07/08 12:00 a.m., 25 views

Debian dla-3487 : fusiondirectory - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3487 advisory. Debian LTS Advisory DLA-3487-1...

CVSS 9.8 | AI score 7.4 | EPSS 0.01117
Exploits 2 | References 8

OSV
added 2022/11/22 1:15 a.m., 4 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

CVSS 9.8 | AI score 9.5
Exploits 0 | References 3

OSV
added 2022/11/22 1:15 a.m., 2 views

DEBIAN-CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

CVSS 9.8 | AI score 8.5 | EPSS 0.01117
Exploits 1 | References 1

NVD
added 2022/11/22 1:15 a.m., 16 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

CVSS 9.8 | EPSS 0.01117
Exploits 1 | References 3