196 matches found
CVE-2011-2916
qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-executable home directory, another local system user could obtain the private key used to connect to remote NX sessions...
UBUNTU-CVE-2010-4664
In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session...
HPE 3PAR StoreServ Management Console Session Reuse Vulnerability
The HPE 3PAR StoreServ Management Console SSMC is an HPE 3PAR management and reporting console that provides converged file and block management on HPE 3PAR StoreServ storage systems. A remote session reuse vulnerability exists in HPE 3PAR StoreServ Management Console 3.5.0. Detailed vulnerabilit...
CVE-2019-5406
A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...
CVE-2019-5400
A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor versions: prior to 5.0.5.1...
CVE-2019-5400
A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor versions: prior to 5.0.5.1...
CVE-2019-5406
A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...
CVE-2019-5406
CVE-2019-5406 concerns a remote session reuse vulnerability in HPE 3PAR StoreServ Management Console and related software (Management and Core Software Media) prior to version 3.5.0.1. Connected documents consistently describe it as a remote session reuse issue affecting HPE 3PAR StoreServ manage...
CVE-2019-5406
A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...
CVE-2019-5400
The CVE-2019-5400 entry describes a remote session reuse/authorization issue in HPE 3PAR Service Processor prior to version 5.0.5.1. Connected sources consistently identify the affected product as HPE 3PAR Service Processor and indicate the root cause is an authorization/session handling flaw tha...
CVE-2019-5523
VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently...
Session fixation
VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently...
CVE-2019-5523
VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently...
CVE-2019-5523
VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently...
CVE-2019-5523
Vulnerability CVE-2019-5523 affects VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3. The issue is a Remote Session Hijack in the Tenant and Provider Portals, allowing an attacker to access those portals by impersonating a currently logged-in session. Public references (VMware ...
VMSA-2019-0004:VMware vCloud Director for Service Providers update resolves a Remote Session Hijack vulnerability
VMSA-2019-0004 VMware vCloud Director for Service Providers update resolves a Remote Session Hijack vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2019-0004 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware vCloud Director for...
BMC Network Automation 8.7.00.000 Session Hijacking
Intro: The BMC Network Automation allows authenticated users to hijack established remote sessions of other users, version v8.7.00.000 b383 u038 was confirmed to be vulnerable. Details: Authenticated users of the BMC Network Automation web application with assigned aviewera role are able to hijac...
Mouse clicks are no longer sent to a remote session after user has opened Receiver preferences dialog box
When a user has opened the Citrix Receiver preferences dialog box from the Desktop viewer toolbar, all further mouse clicks are ignored by Receiver until the session is disconnected and reconnected...
Track People on the Internet: trape
Trape is a OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information such as the status of sessions of their...
Adobe Connect Authentication Bypass Vulnerability (CNVD-2018-14943)
Adobe Connect formerly known as Macromedia Breeze is a set of enterprise-level web-based communication solutions from the U.S. company Audobee Adobe. The program provides web conferencing, e-learning and webinar features. An authentication bypass vulnerability exists in Adobe Connect 9.7.5 and...