895 matches found
Astra Linux - vulnerability in Firefox
When a secure cookie exists in the Firefox cookie jar, an insecure cookie for the same domain could be created. This should have resulted in a silent failure. This could lead to a discrepancy in the expected results when reading from the secure cookie. This vulnerability affects Firefox for Andro...
Security Bulletin: curl vulnerability
Summary Prior versions of Classic Remote Capture may include this curl vulnerability. Vulnerability Details CVEID:CVE-2025-9086 DESCRIPTION: 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname, but...
EUVD-2026-23176
Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...
CVE-2026-22617
Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...
OPENSUSE-SU-2026:20579-1 Security update for gosec
This update for gosec fixes the following issues: Changes in gosec: - Update to version 2.25.0: choredeps: bump google.golang.org/grpc from 1.75.0 to 1.79.3 1617 fix: allow barry action to access secrets on fork PRs 1616 fix: reduce G117 false positives for custom marshalers and transformed value...
cipher-xbow-benchmark
Cipher XBOW Benchmark Results Black-box assessment results fr...
CVE-2023-31195
ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. When an attacker is in a position to be able to mount a man-in-the-middle attack, and a user is tricked to log into the affected device through an unencrypted 'http' connection, t...
EulerOS Virtualization 2.13.0 : curl (EulerOS-SA-2025-2607)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target...
RLSA-2023:2417 Moderate: php:8.1 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.1.14. Security Fixes: XKCP: buffer overflow in the SHA-3 reference implementation CVE-2022-37454 php: standard insecure cookie could b...
CVE-2025-36134
IBM Sterling B2B Integrator and IBM Sterling File Gateway (versions 6.0.0.0–6.1.2.7_1; 6.2.0.0–6.2.0.5; 6.2.1.1) may disclose sensitive information due to a missing or insecure SameSite attribute on a sensitive cookie (CVE-2025-36134). The root cause is improper SameSite handling that can lead to...
Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable to Information Disclosure (CVE-2025-36134)
Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the information disclosure vulnerability. Please apply the following upgrades to remediate the vulnerability. Vulnerability Details CVEID:CVE-2025-36134 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File...
EUVD-2016-5866
Malware in sbrugna...
EUVD-2002-1139
Malware in sbrugna...
EUVD-2021-0487
Malware in sbrugna...
EUVD-2018-2326
Malware in sbrugna...
EUVD-2019-19299
Malware in sbrugna...
EUVD-2025-1702
Malicious code in bioql PyPI...
EUVD-2025-29014
Malicious code in bioql PyPI...
EUVD-2023-33089
Malicious code in bioql PyPI...
EUVD-2022-38174
Malicious code in bioql PyPI...