8 matches found
CVE-2025-25252
An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL VPN 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4 all versions may allow a remote attacker e.g. a former admin whose account was removed and whose session was terminated in possessi...
EUVD-2024-44207
Malicious code in bioql PyPI...
CVE-2023-5309
Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations...
CVE-2025-0126
CVE-2025-0126 affects PAN-OS GlobalProtect SAML login where a session fixation flaw allows an attacker to impersonate a legitimate user after the user clicks a malicious link. The PAN-OS management interface SAML login is not affected; Cloud NGFW and Prisma Access instances are proactively...
BIT-GITLAB-2024-4597 Cross-Site Request Forgery (CSRF) in GitLab
An issue has been discovered in GitLab EE affecting all versions from 16.7 before 16.9.7, all versions starting from 16.10 before 16.10.5, all versions starting from 16.11 before 16.11.2. An attacker could force a user with an active SAML session to approve an MR via CSRF...
GitLab Enterprise Edition Cross-Site Request Forgery Vulnerability
GitLab Enterprise Edition (EE) is a content management system from GitLab Corporation. A cross-site request forgery vulnerability exists in GitLab Enterprise Edition, which allows an attacker to force a user with an active SAML session to approve an MR via CSRF. The affected versions are as follows: 16...
CVE-2024-4597 Cross-Site Request Forgery (CSRF) in GitLab
An issue has been discovered in GitLab EE affecting all versions from 16.7 before 16.9.7, all versions starting from 16.10 before 16.10.5, all versions starting from 16.11 before 16.11.2. An attacker could force a user with an active SAML session to approve an MR via CSRF...
CVE-2024-4597
Removed by vendor...