88 matches found
CVE-2016-7038
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed...
CVE-2016-7038
In Moodle 2.x and 3.x, web service tokens are not invalidated when the user password is changed or forced to be changed...
Debian: Security Advisory (DSA-3025-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-5253
OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not properly revoke tokens when a domain is invalidated, which allows remote authenticated users to retain access via a domain-scoped token for that domain...
X (Formerly Twitter): Broken authentication and invalidated email address leads to account takeover
Hi, team. I found a bug in twitter.com Description and POC: 1 Create a twitter account having email address "[email protected]". 2 Now Logout and ask for password reset link. Don't use the password reset link. 3 Login using the same password back and update your email address to "[email protected]" and verify...
CVE-2014-0906
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not check whether a session cookie is current, which allows remote attackers to conduct user-search actions by leveraging possession of a 1 expired or 2 invalidated cookie...
Microsoft Internet Explorer Table Layout Col Tag Cache Update Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when a Col element is used within an...
CVE-2005-2965
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4802, CVE-2005-4803. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should consult CVE-2005-4802 and CVE-2005-4803 to determi...