
176 matches found

Hewlett-Packard
added 2026/05/20 12:0 a.m., 4 views

NVIDIA Nano SSH Key Duplication

A potential security vulnerability has been identified in some HP ZGX Nano G1n AI Station products where identical SSH host keys were deployed during the manufacturing process prior to March 19th, 2026. Successful exploitation might lead to unauthorized code execution, privilege escalation, denia...

CVSS 8.1, AI score 5.8, EPSS 0.00031
Exploits: 0

OSV
added 2026/05/04 8:42 a.m., 2 views

CLSA-2026-1777884162 Fix CVE(s): CVE-2018-8014

Fix build process: - debian/keystores/ca-cert.pem, ca.jks: regenerate self-signed test CA using the existing ca-key.pem previous CA valid only until 21.03.2025. New validity: 21.04.2026 to 18.04.2036. - debian/keystores/localhost-cert.pem, localhost.jks, localhost-copy1.jks: re-issue against the...

CVSS 9.8, AI score 7, EPSS 0.61177
Exploits: 0, References: 1

Tenable Nessus
added 2026/04/22 12:0 a.m., 1 views

openSUSE 16 Security Update : tor (openSUSE-SU-2026:20589-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2026:20589-1 advisory. Changes in tor: - update to 0.4.8.23: Fix a memory compare using the wrong length. This could lead to a remote crash when using the conflux subsystem...

AI score 5.8
Exploits: 0, References: 2

RedhatCVE
added 2026/03/26 3:1 p.m., 1 views

CVE-2026-33492

WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo's sessionstart function accepts arbitrary session IDs via the PHPSESSID GET parameter and sets them as the active PHP session. A session regeneration bypass exists for specific blacklisted endpoints when th...

CVSS 7.3, AI score 5.9, EPSS 0.00099
Exploits: 1, References: 1

NVD
added 2026/03/23 4:16 p.m., 2 views

CVE-2026-33492

WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo's sessionstart function accepts arbitrary session IDs via the PHPSESSID GET parameter and sets them as the active PHP session. A session regeneration bypass exists for specific blacklisted endpoints when th...

CVSS 7.3, EPSS 0.00099
Exploits: 1, References: 2

Cvelist
added 2026/03/23 3:25 p.m., 19 views

CVE-2026-33492 AVideo has Session Fixation via GET PHPSESSID Parameter With Disabled Login Session Regeneration

WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo's sessionstart function accepts arbitrary session IDs via the PHPSESSID GET parameter and sets them as the active PHP session. A session regeneration bypass exists for specific blacklisted endpoints when th...

CVSS 7.3, EPSS 0.00099
Exploits: 1, References: 2

CVE
added 2026/03/23 3:25 p.m., 8 views

CVE-2026-33492

Mode C: AVideo is affected by CVE-2026-33492 in which session IDs can be supplied via the GET parameter PHPSESSID, allowing an attacker to hijack a victim’s session. The chain includes: (1) attacker-controlled session ID acceptance via _session_start(), bypassing cookies and strict mode; (2) a se...

CVSS 7.3, AI score 5.9, EPSS 0.00099
Exploits: 1, References: 2, Affected Software: 1

ATTACKERKB
added 2026/03/23 3:25 p.m., 1 views

CVE-2026-33492

WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo's sessionstart function accepts arbitrary session IDs via the PHPSESSID GET parameter and sets them as the active PHP session. A session regeneration bypass exists for specific blacklisted endpoints when th...

CVSS 7.3, AI score 5.9, EPSS 0.00099
Exploits: 1, References: 3, Affected Software: 1

OSV
added 2026/03/23 3:25 p.m., 1 views

CVE-2026-33492 AVideo has Session Fixation via GET PHPSESSID Parameter With Disabled Login Session Regeneration

WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo's sessionstart function accepts arbitrary session IDs via the PHPSESSID GET parameter and sets them as the active PHP session. A session regeneration bypass exists for specific blacklisted endpoints when th...

CVSS 7.3, AI score 6, EPSS 0.00099
Exploits: 1, References: 4

CNNVD
added 2026/03/23 12:0 a.m., 3 views

WWBN AVideo Authorization Issue Vulnerability

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 26.0 contained vulnerabilities related to authorization issues. These vulnerabilities stemmed from fixed session IDs and bypasses of session regeneration, which could lead ...

CVSS 7.3, AI score 5.8, EPSS 0.00099
Exploits: 1, References: 2

Github Security Blog
added 2026/03/20 8:49 p.m., 4 views

AVideo has Session Fixation via GET PHPSESSID Parameter With Disabled Login Session Regeneration

Summary AVideo's sessionstart function accepts arbitrary session IDs via the PHPSESSID GET parameter and sets them as the active PHP session. A session regeneration bypass exists for specific blacklisted endpoints when the request originates from the same domain. Combined with the explicitly...

CVSS 7.3, AI score 6, EPSS 0.00099
Exploits: 1, References: 4, Affected Software: 1

OSV
added 2026/03/20 8:49 p.m., 2 views

GHSA-X3PR-VRHQ-VQ43 AVideo has Session Fixation via GET PHPSESSID Parameter With Disabled Login Session Regeneration

Summary AVideo's sessionstart function accepts arbitrary session IDs via the PHPSESSID GET parameter and sets them as the active PHP session. A session regeneration bypass exists for specific blacklisted endpoints when the request originates from the same domain. Combined with the explicitly...

CVSS 7.3, AI score 6, EPSS 0.00099
Exploits: 1, References: 4

Positive Technologies
added 2026/03/20 12:0 a.m., 2 views

PT-2026-26776

Summary AVideo's session start function accepts arbitrary session IDs via the PHPSESSID GET parameter and sets them as the active PHP session. A session regeneration bypass exists for specific blacklisted endpoints when the request originates from the same domain. Combined with the explicitly...

CVSS 7.3, AI score 6, EPSS 0.00099
Exploits: 1, References: 5

EUVD
added 2026/03/11 6:0 a.m., 2 views

EUVD-2026-11086

The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a URL parameter to regenerate a .json file based on demo data that it initially creates. If an administrator modifies the demo form and enables admin notifications in the Guest posting / Frontend...

AI score 5.8, EPSS 0.00065
Exploits: 0, References: 1

NVD
added 2026/03/09 9:16 p.m., 1 views

CVE-2025-70973

ScadaBR 1.12.4 is vulnerable to Session Fixation. The application assigns a JSESSIONID session cookie to unauthenticated users and does not regenerate the session identifier after successful authentication. As a result, a session created prior to login becomes authenticated once the victim logs i...

CVSS 4.8, EPSS 0.00074
Exploits: 1, References: 1

Cvelist
added 2026/03/09 12:0 a.m., 22 views

CVE-2025-70973

ScadaBR 1.12.4 is vulnerable to Session Fixation. The application assigns a JSESSIONID session cookie to unauthenticated users and does not regenerate the session identifier after successful authentication. As a result, a session created prior to login becomes authenticated once the victim logs i...

EPSS 0.00074
Exploits: 1, References: 1

Vulnrichment
added 2026/03/09 12:0 a.m., 2 views

CVE-2025-70973

ScadaBR 1.12.4 is vulnerable to Session Fixation. The application assigns a JSESSIONID session cookie to unauthenticated users and does not regenerate the session identifier after successful authentication. As a result, a session created prior to login becomes authenticated once the victim logs i...

AI score 5.8, EPSS 0.00074
Exploits: 1, References: 1

Vulnrichment
added 2026/03/02 4:17 p.m., 1 views

CVE-2026-28361 NocoDB: Missing Ownership Validation in MCP Token Operations

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. This issue has been patched in...

CVSS 7.1, AI score 5.8, EPSS 0.00053
Exploits: 0, References: 2

NVD
added 2026/02/20 10:16 p.m., 3 views

CVE-2026-27118

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Versions of @sveltejs/adapter-vercel prior to 6.3.2 are vulnerable to cache poisoning. An internal query parameter intended for Incremental Static Regeneration ISR is accessible on all routes, allowi...

CVSS 5.3, EPSS 0.00009
Exploits: 0, References: 1

Cvelist
added 2026/02/20 9:24 p.m., 26 views

CVE-2026-27118 Cache poisoning in @sveltejs/adapter-vercel

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Versions of @sveltejs/adapter-vercel prior to 6.3.2 are vulnerable to cache poisoning. An internal query parameter intended for Incremental Static Regeneration ISR is accessible on all routes, allowi...

CVSS 5.3, EPSS 0.00009
Exploits: 0, References: 1