2356 matches found
PYSEC-2025-14
An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.setlanguage are subject to a potential denial-of-service attack v...
PT-2025-14483
Name of the Vulnerable Software and Affected Versions Django versions 5.1 before 5.1.8 Django versions 5.0 before 5.0.14 Description An issue was discovered where the NFKC normalization is slow on Windows, making certain views subject to a potential denial-of-service attack via certain inputs wit...
IBM Jazz Reporting Service 代码问题漏洞
IBM Jazz Reporting Service is a suite of ready-to-use reporting components from International Business Machines IBM. The product includes features such as report generation, data collection and lifecycle queries. A code issue vulnerability exists in IBM Jazz Reporting Service that stems from a...
CVE-2025-28132
A session management flaw in Nagios Network Analyzer 2024R1.0.3 allows an attacker to reuse session tokens even after a user logs out, leading to unauthorized access and account takeover. This occurs due to insufficient session expiration, where session tokens remain valid beyond logout, allowing...
Nagios Network Analyzer 代码问题漏洞
Nagios Network Analyzer is an enterprise solution for monitoring and analyzing network traffic from Nagios, Inc. A security vulnerability exists in Nagios Network Analyzer version 2024R1.0.3, which stems from a session management flaw that could cause session tokens to be reused even after logout...
CVE-2023-52975
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
CVE-2025-2596
Session logout could be overwritten in Checkmk GmbH's Checkmk versions 2.3.0p30, 2.2.0p41, and 2.1.0p49 EOL...
SUSE CVE-2023-52975
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
CVE-2023-52975
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
UBUNTU-CVE-2023-52975
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
CVE-2023-52975 scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
CVE-2023-52975
CVE-2023-52975 affects the Linux kernel SCSI/iscsi_tcp component. A use-after-free (UAF) can occur during iSCSI session logout if another task accesses the shost ipaddress attribute, triggering KASAN reports. The issue has concrete fixes in the Linux kernel (e.g., commits in the referenced reposi...
CVE-2023-52975
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
Hiro: Logout Bypass Vulnerability in Hiro.so
Summary A logout bypass vulnerability has been identified on platform.hiro.so, allowing users to regain access to their session after logging out simply by pressing the back button on the browser. This issue arises due to improper session invalidation and potential caching misconfigurations. If...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel, which stems from the possibility of post-release reuse of the scsi iscsitcp component when accessing the host...
CVE-2025-2596
Session logout could be overwritten in Checkmk GmbH's Checkmk versions 2.3.0p30, 2.2.0p41, and 2.1.0p49 EOL...
CVE-2025-2596
Session logout could be overwritten in Checkmk GmbH's Checkmk versions 2.3.0p30, 2.2.0p41, and 2.1.0p49 EOL...
CVE-2025-2596 Session logout can be overwritten by long lasting request
Session logout could be overwritten in Checkmk GmbH's Checkmk versions 2.3.0p30, 2.2.0p41, and 2.1.0p49 EOL...
CVE-2025-2596
CVE-2025-2596 concerns Checkmk software from Checkmk GmbH where session logout can be overwritten by a long-lasting request. Affected versions are <2.3.0p30,
CVE-2025-2596 Session logout can be overwritten by long lasting request
Session logout could be overwritten in Checkmk GmbH's Checkmk versions 2.3.0p30, 2.2.0p41, and 2.1.0p49 EOL...