Lucene search
+L

175 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-38968

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak...

9.8CVSS6AI score0.00379EPSS
Exploits0References2
NVD
NVD
added 2026/07/02 9:16 p.m.7 views

CVE-2026-38968

ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding...

9.8CVSS0.00379EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 9:16 p.m.5 views

UBUNTU-CVE-2026-38968

ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding...

9.8CVSS6AI score0.00379EPSS
Exploits0References4
CVE
CVE
added 2026/07/02 12:0 a.m.20 views

CVE-2026-38968

ntopng (through 6.6) is reported vulnerable to a Predictable Session Identifier flaw. The issue occurs in HTTPsession creation within src/HTTPserver.cpp, where time-seeded pseudo-randomness can yield deterministic or colliding cookies, enabling session hijacking under attacker-controlled timing. ...

9.8CVSS5.8AI score0.00379EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/02 12:0 a.m.4 views

CVE-2026-38968

ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding...

9.8CVSS6AI score0.00379EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/02 12:0 a.m.51 views

CVE-2026-38968

ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding...

0.00379EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 4:48 p.m.17 views

CVE-2026-45448

CVE-2026-45448 is associated with an open redirect (CWE-601) affecting ntopng per CVE listings. The vulnerability involves URL redirection to an untrusted site. Concrete exploit details, affected versions, and remediation steps are not provided in the connected documents. The CVSS-based impact is...

4.3CVSS5.7AI score0.00166EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 4:48 p.m.5 views

CVE-2026-45448 ntopng - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CWE-601 URL redirection to untrusted site 'open redirect'...

4.3CVSS5.7AI score0.00166EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 4:48 p.m.41 views

CVE-2026-45448 ntopng - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CWE-601 URL redirection to untrusted site 'open redirect'...

4.3CVSS0.00166EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2026/02/05 10:21 p.m.6 views

CVE-2026-24809 affecting package ntopng for versions less than 5.2.1-4

CVE-2026-24809 affecting package ntopng for versions less than 5.2.1-4. A patched version of the package is available...

6.9CVSS5.3AI score0.00139EPSS
Exploits0
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.169 views

Ntopng Authentication Bypass

Ntopng, a passive network monitoring tool, contains an authentication bypass vulnerability in ntopng = 4.2 id: CVE-2021-28073 info: name: Ntopng Authentication Bypass author: z3bd severity: critical description: Ntopng, a passive network monitoring tool, contains an authentication bypass...

9.8CVSS9.2AI score0.14195EPSS
Exploits1References3
OSV
OSV
added 2026/01/27 9:15 a.m.8 views

AZL-75542 CVE-2026-24809 affecting package ntopng for versions less than 5.2.1-4

An issue from the component luaGrunerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

6.9CVSS5.7AI score0.00139EPSS
Exploits0References1
OSV
OSV
added 2026/01/27 9:15 a.m.10 views

AZL-75470 CVE-2026-24809 affecting package ntopng for versions less than 5.2.1-4

An issue from the component luaGrunerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs...

6.9CVSS5.7AI score0.00139EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2026/01/12 9:27 p.m.8 views

CVE-2021-44964 affecting package ntopng for versions less than 5.2.1-6

CVE-2021-44964 affecting package ntopng for versions less than 5.2.1-6. A patched version of the package is available...

6.3CVSS6.9AI score0.00985EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-0106

Malware in sbrugna...

4.3CVSS6.3AI score0.01233EPSS
Exploits2References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-14577

Malware in sbrugna...

8.8CVSS8.6AI score0.03384EPSS
Exploits4References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-16482

Malware in sbrugna...

7.5CVSS7.5AI score0.01906EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-16483

Malware in sbrugna...

7.5CVSS7.5AI score0.00866EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-8252

Malware in sbrugna...

6CVSS6.1AI score0.05099EPSS
Exploits5References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-16440

Malware in sbrugna...

6.1CVSS6.3AI score0.00631EPSS
Exploits0References2
Rows per page
Query Builder