5 matches found
CVE-2009-2165
SerendipityNZ aka SimpleBoxes Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id...
CVE-2021-29827
IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks again...
SUSE CVE-2010-3694
Cross-site request forgery CSRF vulnerability in the Horde Application Framework before 3.3.9 allows remote attackers to hijack the authentication of unspecified victims for requests to a preference form...
Microsoft Windows NetBIOS Spoofing Vulnerability
Microsoft Windows is the popular computer operating system. Certain versions of Windows have a spoofing vulnerability in the NetBIOS authentication response, which can be exploited by a remote attacker to hijack network traffic, bypass Enhanced Protected Mode or Application Container Protection...
CVE-2016-5420
curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate...