Lucene search
K

8 matches found

EUVD
EUVD
added 2026/06/23 2:25 p.m.8 views

EUVD-2026-38451

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...

10CVSS5.9AI score0.00408EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.11 views

PT-2026-51521

Name of the Vulnerable Software and Affected Versions FOSSBilling versions 0.5.4 through 0.7.x Description An authorization bypass in the API role handling allows unauthenticated access to privileged '/api/system/' endpoints. Because system resolves to the cron admin identity, attackers can invok...

10CVSS5.9AI score0.00408EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the unconditional expiration of sessions when binding fails. This could allow remote attackers to...

8.2CVSS7.2AI score0.00499EPSS
Exploits0References1
NVD
NVD
added 2024/02/09 10:15 p.m.9 views

CVE-2023-45718

Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive cookie values in a persistent manner in Sametime Web clients. When this happens, cookie values can remain valid even after a user has closed out their session...

7.5CVSS4.1AI score0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/09 9:22 p.m.20 views

CVE-2023-45718 HCL Sametime is impacted by a failure to invalidate sessions

Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive cookie values in a persistent manner in Sametime Web clients. When this happens, cookie values can remain valid even after a user has closed out their session...

3.9CVSS4.5AI score0.00354EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/12 12:0 a.m.10 views

PT-2022-28162 · Enonic · Enonic Xp

Name of the Vulnerable Software and Affected Versions: Enonic XP versions less than 7.7.4 Description: The issue is a session fixation problem that allows a remote and unauthenticated attacker to use prior sessions due to the lack of invalidating session attributes. This affects all id-providers...

9.8CVSS9.3AI score0.00836EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.56 views

Jetty 11.0.x < 11.0.3 Multiple Vulnerabilities

According to its self-reported version number, the instance of Jetty hosted on the remote web server is prior to 9.4.41, 10.0.x prior to 10.0.3 or 11.0.x prior to 11.0.3. It is, therefore, affected by multiple vulnerabilities: - An issue with failure to invalidate sessions after an exception in t...

5.3CVSS5.7AI score0.7848EPSS
Exploits3References4
OSV
OSV
added 2021/02/19 7:15 p.m.2 views

DEBIAN-CVE-2021-27351

The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session...

5.3CVSS5.6AI score0.00843EPSS
Exploits0References1
Rows per page
Query Builder