43 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-3733

Malware in sbrugna...

CVSS 10, AI score 9.4, EPSS 0.02961
Exploits 1, References 3

OSV
added 2025/06/20 3:15 p.m., 2 views

CVE-2025-3319

IBM Spectrum Protect Server 8.1 through 8.1.26 could allow an attacker to bypass authentication due to improper session authentication, which can result in access to unauthorized resources...

CVSS 9.8, AI score 5.8
Exploits 0, References 1

CNNVD
added 2025/04/28 12:0 a.m., 4 views

PHPGurukul Hostel Management System security vulnerability

Hostel Management System is a hostel management system. Hostel Management System has a session hijacking vulnerability that stems from improper handling of session data in the file /hostel/change-password.php. No details of the vulnerability are available at this time...

CVSS 9.1, AI score 6.9, EPSS 0.00176
Exploits 1, References 3

CNNVD
added 2025/03/03 12:0 a.m., 1 view

ZOHO ManageEngine ADSelfService Plus authorization issue vulnerability

ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. A security vulnerability exists in ZOHO ManageEngine ADSelfService Plus 6510 and prior versions that stems from improper session...

CVSS 8.1, AI score 9, EPSS 0.0029
Exploits 0, References 2

Veracode
added 2025/01/13 9:0 a.m., 6 views

Session Fixation

NiceGUI is vulnerable to Session Fixation. The vulnerability is due to improper session handling, where authenticating with NiceGUI logged in the user across all browsers, including those in incognito mode...

CVSS 7.5, AI score 7, EPSS 0.00172
Exploits 0, References 4, Affected Software 1

Veracode
added 2024/06/20 7:32 a.m., 15 views

Insecure Authentication

magento/community-edition is vulnerable to Insecure authentication. The vulnerability is due to improper session handling that allows an unauthenticated user to append arbitrary session IDs which will not be invalidated by subsequent authentication, allowing attackers to hijack or manipulate user...

CVSS 9.8, AI score 6.9, EPSS 0.00424
Exploits 0, References 4, Affected Software 1

Cvelist
added 2024/04/08 3:39 p.m., 13 views

CVE-2024-31447 Shopware has Improper Session Handling in store-api

Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Starting in version 6.3.5.0 and prior to versions 6.6.1.0 and 6.5.8.8, when an authenticated request is made to POST /store-api/account/logout, the cart will be cleared, but the User won't be logged out. This affects only...

CVSS 5.3, AI score 5.4, EPSS 0.00164
Exploits 0, References 3

Vulnrichment
added 2024/04/08 3:39 p.m., 15 views

CVE-2024-31447 Shopware has Improper Session Handling in store-api

Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Starting in version 6.3.5.0 and prior to versions 6.6.1.0 and 6.5.8.8, when an authenticated request is made to POST /store-api/account/logout, the cart will be cleared, but the User won't be logged out. This affects only...

CVSS 5.3, AI score 6.8, EPSS 0.00164
Exploits 0, References 3

OpenVAS
added 2023/12/20 12:0 a.m., 22 views

Mageia: Security Advisory (MGASA-2023-0352)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 9.6, EPSS 0.00191
Exploits 2, References 4

Veracode
added 2023/09/05 8:7 a.m., 18 views

Improper Session Handling

xrdp is vulnerable to Improper Session Handling. This vulnerability can be exploited by an attacker to bypass OS-level session restrictions. For example, an attacker could use this vulnerability to establish multiple concurrent sessions to a system, even if the system is configured to only allow ...

CVSS 6.5, AI score 6.8, EPSS 0.00058
Exploits 0, References 8, Affected Software 1

CVE
added 2023/08/15 6:25 p.m., 31 views

CVE-2023-4337

CVE-2023-4337 affects the Broadcom RAID Controller web interface. The vulnerability arises from improper session handling of gateway-installed managed servers. Based on NVD metrics, it is a CRITICAL issue (CVSS v3.1: 9.8) with network access, no user interaction required, and high impact to confi...

CVSS 9.8, AI score 9.6, EPSS 0.00113
Exploits 0, References 2, Affected Software 1

Cvelist
added 2023/08/15 6:25 p.m., 15 views

CVE-2023-4337 Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation...

AI score 9.7, EPSS 0.00113
Exploits 0, References 1

Vulnrichment
added 2023/08/15 6:25 p.m., 9 views

CVE-2023-4337 Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation

Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation...

AI score 7.2, EPSS 0.00113
Exploits 0, References 1

Veracode
added 2023/08/06 10:2 p.m., 22 views

Improper Session Handling

fusiondirectory is vulnerable to Improper Session Handling. The vulnerability exists due to lack of validations in fusiondirectory package which allows an attacker to reuse old session credentials or session IDs for authorization...

CVSS 9.8, AI score 6.8, EPSS 0.00166
Exploits 1, References 4, Affected Software 1

Tenable Nessus
added 2023/07/08 12:0 a.m., 25 views

Debian dla-3487 : fusiondirectory - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3487 advisory. Debian LTS Advisory DLA-3487-1...

CVSS 9.8, AI score 7.4, EPSS 0.00989
Exploits 2, References 8

NVD
added 2022/11/22 1:15 a.m., 14 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

CVSS 9.8, EPSS 0.00166
Exploits 1, References 3

Prion
added 2022/11/22 1:15 a.m., 12 views

Design/Logic Flaw

Fusiondirectory 1.3 suffers from Improper Session Handling...

CVSS 7.5, AI score 9.4, EPSS 0.00166
Exploits 1, References 3, Affected Software 1

OSV
added 2022/11/22 1:15 a.m., 0 views

UBUNTU-CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

CVSS 9.8, AI score 5.8, EPSS 0.00166
Exploits 1, References 4

CVE
added 2022/11/22 12:0 a.m., 69 views

CVE-2022-36179

CVE-2022-36179 affects Fusiondirectory 1.3 and is due to Improper Session Handling. The connected advisories indicate a vulnerability in Fusiondirectory 1.3 requiring a package update; Mageia MGASA-2023-0352 notes updated fusiondirectory packages fix the issues, and Debian DLA-3487/DLA-3487-1 ref...

CVSS 9.8, AI score 9.3, EPSS 0.00166
Exploits 1, References 3, Affected Software 1

UbuntuCve
added 2022/11/22 12:0 a.m., 41 views

CVE-2022-36179

Fusiondirectory 1.3 suffers from Improper Session Handling...

CVSS 9.8, AI score 7.2, EPSS 0.00166
Exploits 1, References 3