
28 matches found

EUVD
added 2026/04/14 3:5 a.m., 3 views

EUVD-2026-22211

PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the browser bridge praisonai browser start is vulnerable to unauthenticated remote session hijacking due to missing authentication and a bypassable origin check on its /ws WebSocket...

CVSS 9.1, AI score 5.8, EPSS 0.00356
Exploits 1, References 1
Positive Technologies
added 2026/04/10 12:0 a.m., 6 views

PT-2026-32594

Name of the Vulnerable Software and Affected Versions: PraisonAI versions prior to 4.5.139; praisonaiagents versions prior to 1.5.140. Description: The browser bridge is susceptible to unauthenticated remote session hijacking. This occurs due to a lack of authentication and a bypassable origin check ...

CVSS 9.1, AI score 5.8, EPSS 0.00356
Exploits 1, References 17
ATTACKERKB
added 2026/03/07 12:20 a.m., 4 views

CVE-2026-25072

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a predictable session identifier vulnerability in the /goform/SetLogin endpoint that allows remote attackers to hijack authenticated sessions. Attackers can predict session identifiers using insufficiently random cook...

CVSS 8.6, AI score 5.8, EPSS 0.00495
Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2019-15098

Malware in sbrugna...

CVSS 9.8, AI score 9.5, EPSS 0.03255
Exploits 0, References 4
Redos
added 2025/09/12 12:0 a.m., 2 views

ROS-20250912-15

The Apache Tomcat application server vulnerability is related to access differentiation flaws. Exploitation of the vulnerability could allow a remote attacker to hijack a session and gain access to a user's account...

CVSS 6.5, AI score 6.7, EPSS 0.00775
Exploits 0
Redos
added 2025/09/12 12:0 a.m., 4 views

ROS-20250912-16

The Apache Tomcat application server vulnerability is related to access differentiation flaws. Exploitation of the vulnerability could allow a remote attacker to hijack a session and gain access to a user's account...

CVSS 6.5, AI score 6.7, EPSS 0.00775
Exploits 0
Tenable Nessus
added 2025/08/27 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2017-17476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers ...

CVSS 8.8, AI score 7.8, EPSS 0.02223
Exploits 0, References 2
Tenable Nessus
added 2025/08/15 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2014-9015

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to hijack sessions via a crafted request, as demonstrated by a crafted request to a server th...

CVSS 6.8, AI score 6.2, EPSS 0.02458
Exploits 0, References 2
RedhatCVE
added 2025/02/05 7:17 p.m., 9 views

CVE-2022-26647

A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.2, SCALANCE X201-3P IRT All versions V5.5.2, SCALANCE X201-3P IRT PRO All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2P IRT All versions V5.5.2, SCALAN...

CVSS 9.8, AI score 6.9, EPSS 0.00996
Exploits 0, References 1
GithubExploit
added 2024/09/02 4:39 p.m., 72 views

Exploit for CVE-2024-5420

CVE-2024-5420XSS Description A vulnerability was found in ut...

CVSS 8.3, AI score 8.8, EPSS 0.055
Exploits 3
Positive Technologies
added 2024/08/06 12:0 a.m., 8 views

PT-2024-8964 · Brocade · Brocade Fabric Os

Name of the Vulnerable Software and Affected Versions: Brocade Fabric OS versions prior to 9.2.2 Description: The issue is related to weaknesses in the authentication procedure of Brocade Fabric OS, allowing a remote attacker to hijack a service session. This could be achieved through...

CVSS 7.1, AI score 9.5, EPSS 0.00243
Exploits 1, References 6
SUSE CVE
added 2023/02/15 6:2 a.m., 4 views

SUSE CVE-2009-2964

Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences, related to (1) functions/mailboxdisplay.php, (2)...

CVSS 6.8, AI score 7.3, EPSS 0.01517
Exploits 1, References 4
SUSE CVE
added 2023/02/15 5:30 a.m., 3 views

SUSE CVE-2014-2066

Session fixation vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to hijack web sessions via vectors involving the "override" of Jenkins cookies...

CVSS 6.8, AI score 6.6, EPSS 0.02061
Exploits 0, References 3
SUSE CVE
added 2023/02/15 5:16 a.m., 2 views

SUSE CVE-2015-5338

Multiple cross-site request forgery (CSRF) vulnerabilities in the lesson module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote attackers to hijack the authentication of arbitrary users for requests to (1) mod/lesson/mediafile.php or (2)...

CVSS 8.8, AI score 7.4, EPSS 0.00786
Exploits 0, References 3
CNNVD
added 2021/03/01 12:0 a.m., 3 views

Dell EMC SourceOne cross-site scripting vulnerability

Dell EMC SourceOne is a powerful archiving solution for handling email, documents and data from disparate collaboration and messaging systems. A stored cross-site scripting vulnerability exists in Dell EMC SourceOne 7.2SP10 and earlier versions. A remote, low-privilege attacker could exploit this...

CVSS 9, AI score 5.4, EPSS 0.00817
Exploits 0, References 2
Prion
added 2019/04/01 6:29 p.m., 27 views

Session fixation

VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently...

CVSS 7.5, AI score 9.4, EPSS 0.03255
Exploits 0, References 3, Affected Software 1
OSV
added 2019/04/01 6:29 p.m., 4 views

CVE-2019-5523

VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently...

CVSS 9.8, AI score 7.3, EPSS 0.03255
Exploits 0, References 3
NVD
added 2019/04/01 6:29 p.m., 29 views

CVE-2019-5523

VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently...

CVSS 9.8, AI score 9.5, EPSS 0.03255
Exploits 0, References 3
Cvelist
added 2019/04/01 5:11 p.m., 31 views

CVE-2019-5523

VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently...

AI score 9.5, EPSS 0.03255
Exploits 0, References 3
CVE
added 2019/04/01 5:11 p.m., 63 views

CVE-2019-5523

Vulnerability CVE-2019-5523 affects VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3. The issue is a Remote Session Hijack in the Tenant and Provider Portals, allowing an attacker to access those portals by impersonating a currently logged-in session. Public references (VMware ...

CVSS 9.8, AI score 9.4, EPSS 0.03255
Exploits 0, References 3, Affected Software 1