CVE-2024-58317

A cookie security configuration vulnerability in Kentico Xperience allows attackers to bypass SSL requirements when setting administration cookies via web.config. The vulnerability affects .NET Framework projects by incorrectly handling the 'requireSSL' attribute, potentially compromising session...

PT-2025-52324

Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A configuration issue in Kentico Xperience related to cookie security allows attackers to bypass SSL requirements when setting administration cookies through the web.config file. Th...

CVE-2015-5152

CVE-2015-5152 affects Foreman versions 1.1 through 1.9.0-RC1, where HTTP requests are not redirected to HTTPS when require_ssl is true, enabling a MITM to capture credentials. Root cause is lack of HTTP-to-HTTPS redirection under the require_ssl setting. Impact is credential leakage via network a...

PT-2017-6817 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman versions 1.1 through 1.9.0-RC1 Description: The issue allows remote attackers to obtain user credentials via a man-in-the-middle attack because HTTP requests are not redirected to HTTPS when the require ssl setting is set to true...

Pidgin Multiple Vulnerabilities (Sep 2009) - Linux

Pidgin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...