PT-2025-3303 · Mailcow · Mailcow

Name of the Vulnerable Software and Affected Versions: Mailcow versions through 2024-11b Description: The issue is related to a session fixation vulnerability in the web panel. It allows remote attackers to set a session identifier when HSTS is disabled on a victim's browser. After a user logs in...

SUSE CVE-2018-14345

An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and...

Dell Emc Streaming Data Platform代码问题漏洞

Dell Emc Streaming Data Platform, a Dell platform for real-time ingestion, storage and analysis of continuous streaming data, is vulnerable to a code issue that could be exploited by a remote, unauthenticated attacker to reuse old session artifacts to emulate a legitimate user...

DEBIAN-CVE-2018-14345

An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and...

UBUNTU-CVE-2018-14345

An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and...