Lucene search
K

196 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2014-9015

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to hijack sessions via a crafted request, as demonstrated by a crafted request to a server th...

6.8CVSS6.2AI score0.02458EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:29 p.m.6 views

CVE-2022-3217

When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages. An unauthenticated remote attacker with the ability to capture a login session can obtain the login credentials...

7.5CVSS7.1AI score0.01127EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:25 p.m.8 views

CVE-2020-27739

A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote attackers to hijack recently logged-in users' sessions. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread...

9.8CVSS7.1AI score0.01814EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 12:41 p.m.4 views

CVE-2010-3471

Session fixation vulnerability in the Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 4.0.2.x before 4.0.2.7-P8AE-FP007 allows remote attackers to hijack web sessions via unspecified vectors...

4.3CVSS6.9AI score0.0112EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 a.m.11 views

CVE-2019-12001

A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage versions: GL225P001 and earlier; GL225P001 and...

7.1CVSS7AI score0.0113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:31 a.m.9 views

CVE-2019-5406

A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...

9CVSS7AI score0.01424EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:42 a.m.11 views

CVE-2019-5400

A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor versions: prior to 5.0.5.1...

6.5CVSS7AI score0.00885EPSS
Exploits0References1
OSV
OSV
added 2025/05/11 3:15 a.m.8 views

CVE-2025-4528

A vulnerability was found in Dígitro NGC Explorer up to 3.44.15 and classified as problematic. This issue affects some unknown processing. The manipulation leads to session expiration. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond i...

9.8CVSS4.8AI score0.00339EPSS
Exploits0References3
OSV
OSV
added 2025/04/28 8:15 p.m.5 views

CVE-2025-45949

A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /loginsystem/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely and...

9.8CVSS5.8AI score0.00425EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/06 2:19 a.m.4 views

CVE-2025-0501

An issue in the native clients for Amazon WorkSpaces when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle...

7.7CVSS7AI score0.00445EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:15 a.m.6 views

CVE-2025-0500

An issue in the native clients for Amazon WorkSpaces when running Amazon DCV protocol, Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle...

7.7CVSS7AI score0.00494EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/02/06 12:0 a.m.5 views

Amazon DCV Client <= 2023.1.8993 MITM

The version of Amazon DCV Client installed on the host is vulnerable to a man-in-the-middle vulnerability, allowing an attacker to access remote sessions. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

7.7CVSS5.5AI score0.00494EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 7:17 p.m.10 views

CVE-2022-26647

A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.2, SCALANCE X201-3P IRT All versions V5.5.2, SCALANCE X201-3P IRT PRO All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2P IRT All versions V5.5.2, SCALAN...

9.8CVSS6.9AI score0.01106EPSS
Exploits0References1
CVE
CVE
added 2025/01/15 6:21 p.m.58 views

CVE-2025-0501

CVE-2025-0501 affects the native Amazon WorkSpaces clients (PCoIP) and is described as allowing an attacker to access remote sessions via man‑in‑the‑middle, due to a trust management issue (as noted by multiple sources). The issue is associated with high impact across confidentiality, integrity, ...

7.7CVSS7.5AI score0.00445EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/01/15 6:20 p.m.6 views

CVE-2025-0500 Issue affecting Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV clients

An issue in the native clients for Amazon WorkSpaces when running Amazon DCV protocol, Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle...

7.7CVSS7.5AI score0.00494EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.23 views

Amazon多款产品 信任管理问题漏洞

Amazon WorkSpaces and others are products of Amazon.com, Inc.Amazon WorkSpaces is a fully hosted, persistent desktop virtualization service that gives your users access to the data, applications, and resources they need, anytime, anywhere, from any supported device.Amazon AppStream is an...

7.7CVSS6.4AI score0.00494EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/15 12:0 a.m.6 views

PT-2025-3927 · Amazon · Amazon Workspaces

Name of the Vulnerable Software and Affected Versions: Amazon WorkSpaces affected versions not specified Description: An issue in the native clients for Amazon WorkSpaces when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle. Recommendations: At the...

7.7CVSS7AI score0.00445EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/01/15 12:0 a.m.5 views

PT-2025-3926 · Amazon · Amazon Appstream 2.0 +2

Name of the Vulnerable Software and Affected Versions: Amazon WorkSpaces affected versions not specified Amazon AppStream 2.0 affected versions not specified Amazon DCV Clients affected versions not specified Description: An issue in the native clients for Amazon WorkSpaces, Amazon AppStream 2.0,...

7.7CVSS7AI score0.00494EPSS
Exploits0References8
OSV
OSV
added 2024/11/12 7:15 p.m.10 views

CVE-2024-7516

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a...

7.1CVSS7.3AI score0.00243EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.38 views

Brocade Fabric OS 安全漏洞

Brocade Fabric OS FOS is a set of embedded operating systems used in devices such as switches and routers from Brocade USA. A security vulnerability exists in Brocade Fabric OS versions prior to 9.2.2, which stems from a vulnerability that could allow a man-in-the-middle attack for remote service...

7.1CVSS9.1AI score0.00243EPSS
Exploits1References2
Rows per page
Query Builder