CVE-2025-24502

An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address...

PT-2025-5374 · Broadcom · Symantec Privileged Access Management

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP addres...

Security Bulletin: A vulnerability in IBM Websphere Application Server affects the IBM Performance Management product (CVE-2019-4304)

Summary A vulnerability in IBM Websphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. IBM Performance Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-4304 DESCRIPTION: IBM...

UBUNTU-CVE-2018-18926

Gitea before 1.5.4 allows remote code execution because it does not properly validate session IDs. This is related to session ID handling in the go-macaron/session code for Macaron...