EUVD-2026-9178

An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completion of memory accesses related to SME...

CVE-2026-28275

Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 do not invalidate previously issued JWT access tokens after a user changes their password. As a result, older tokens remain valid until expiration and can still be used to access protected API...

Initiative 代码问题漏洞

Initiative is an open-source project management platform developed by Morelitea. Versions of Initiative prior to 0.32.4 contained code vulnerabilities. These vulnerabilities stemmed from a lack of mechanism to invalidate previously issued JWT access tokens after users changed their passwords,...

EUVD-2023-60092

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dropping valid root bus resources with .end = zero On r8a7791/koelsch: kmemleak: 1 new suspected memory leaks see /sys/kernel/debug/kmemleak cat /sys/kernel/debug/kmemleak unreferenced object 0xc3a34e00 size 64: comm...

EUVD-2018-17851

Malware in sbrugna...

CVE-2023-49881

IBM Transformation Extender Advanced 10.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...

PT-2025-38232

Name of the Vulnerable Software and Affected Versions: CISA Thorium versions prior to 1.1.1 Description: CISA Thorium does not properly invalidate previously used tokens when resetting passwords. An attacker possessing a previously used token could potentially log in after a password reset...

Low: jetty

Issue Overview: For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a...

Darwin Factor 代码问题漏洞

Darwin Factor is a free and open source next-generation TypeScript framework from Darwin, Inc. It is used to create blogs, login pages, and JamStack applications. Darwin Factor has a security vulnerability that stems from incorrectly invalidating a user's session even after the user logs out of t...

CVE-2018-6088

An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...

CVE-2018-6088

CVE-2018-6088 affects Google Chrome/Chromium via a use-after-free in the PDFium library. The issue allows remote code execution inside the sandbox when processing crafted PDFs, currently mitigated by updating to Chrome/Chromium 66.0.3359.117 (and similarly updated Chromium packages in Debian/Fedo...

CVE-2018-6088

Removed by vendor...

CVE-2018-6088

An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...