Lucene search
K

388 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-27475

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00545EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-42656

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00508EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-7764

Malicious code in bioql PyPI...

7.5CVSS6.8AI score0.00422EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-44177

Malicious code in bioql PyPI...

4.6CVSS4.8AI score0.00302EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19849

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00247EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-54506

Malicious code in bioql PyPI...

3.5CVSS4AI score0.00289EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-0829

Malicious code in bioql PyPI...

4.3CVSS7.1AI score0.01831EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-46386

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.0036EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/11 8:27 p.m.5 views

CVE-2025-36011

IBM Jazz for Service Management 1.1.3.0 through 1.1.3.24 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to...

4.3CVSS6.5AI score0.00165EPSS
Exploits0References1
CVE
CVE
added 2025/09/09 7:32 p.m.18 views

CVE-2025-36011

CVE-2025-36011 affects IBM Jazz for Service Management versions 1.1.3.0–1.1.3.24. The underlying issue is that authorization tokens and session cookies are stored without the Secure attribute, enabling cookie disclosure if a user is directed to or visits an insecure HTTP link. This could allow an...

4.3CVSS6AI score0.00165EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/09 11:56 a.m.7 views

Security Bulletin: IBM Jazz for Service Management is vulnerable to "cookiesEnabled" cookie not sent over SSL

Summary IBM Jazz for Service Management is vulnerable to "cookiesEnabled" cookie not sent over SSL CVE-2025-36011. Vulnerability Details CVEID:CVE-2025-36011 DESCRIPTION: IBM Jazz for Service Management does not set the secure attribute on authorization tokens or session cookies. Attackers may be...

4.3CVSS6.4AI score0.00165EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.5 views

PT-2025-36933

Name of the Vulnerable Software and Affected Versions: IBM Jazz for Service Management versions 1.1.3.0 through 1.1.3.24 Description: IBM Jazz for Service Management does not set the secure attribute on authorization tokens or session cookies. This may allow attackers to obtain cookie values by...

4.3CVSS6.1AI score0.00165EPSS
Exploits0References4
NVD
NVD
added 2025/09/03 8:15 p.m.6 views

CVE-2025-55162

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In versions below 1.32.10 and 1.33.0 through 1.33.6, 1.34.0 through 1.34.4 and 1.35.0, insufficient Session Expiration in the Envoy OAuth2 filter leads to failed logout operations. Whe...

8.8CVSS0.0031EPSS
Exploits1References2
CVE
CVE
added 2025/09/03 7:51 p.m.21 views

CVE-2025-55162

CVE-2025-55162 affects Envoy (OAuth2 filter). The issue is insufficient Session Expiration: when cookie names are __Secure- or __Host-, the filter fails to add the Secure attribute to the Set-Cookie header during deletion, causing cookies to persist and enabling session hijacking on shared machin...

8.8CVSS6.3AI score0.0031EPSS
Exploits1References2Affected Software1
Redos
Redos
added 2025/08/28 12:0 a.m.3 views

ROS-20250828-03

The Apache Tomcat application server vulnerability is due to Apache Tomcat not setting the attribute "Secure" attribute for session cookie JSESSIONID when using RemoteIpFilter with requests, received from a reverse proxy server over HTTP and containing an X-Forwarded-Proto header set to on https...

4.3CVSS7.5AI score0.01831EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/28 12:0 a.m.4 views

FreeBSD : Mozilla -- cookie shadowing (5abc2187-685e-11f0-a12d-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5abc2187-685e-11f0-a12d-b42e991fc52e advisory. [email protected] reports: Setting a nameless cookie with an equals sign in the value shadowed other...

9.1CVSS5.5AI score0.00217EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/07/23 11:25 p.m.6 views

SUSE CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

5.4CVSS7.3AI score0.00217EPSS
Exploits0References6
NVD
NVD
added 2025/07/22 9:15 p.m.5 views

CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

9.1CVSS0.00217EPSS
Exploits0References5
OSV
OSV
added 2025/07/22 9:15 p.m.6 views

CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability affects Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

9.1CVSS5.8AI score0.00217EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/07/22 8:49 p.m.5 views

CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

9.1CVSS5.8AI score0.00217EPSS
Exploits0References6
Rows per page
Query Builder