14 matches found
Insertion of Sensitive Information Into Sent Data
Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the GET /sessions/me endpoint, which fails to enforce protectedFields...
Use of Cache Containing Sensitive Information
Overview Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information in the session object. An attacker can cause sensitive user-specific responses to be cached and served to other users by leveraging a caching proxy that does not ignore responses with cookie...
CVE-2025-52633
HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0...
EUVD-2025-206685
HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0...
CVE-2025-52633
HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0...
CVE-2025-52633 HCL AION is susceptible to Missing Content-Security-Policy
HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0...
PT-2026-5907
Name of the Vulnerable Software and Affected Versions HCL AION version 2.0 Description HCL AION is susceptible to a security issue involving the storage of sensitive session data in persistent cookies. This practice can elevate the risk of unauthorized access if these cookies are intercepted or...
EUVD-2012-0002
Malware in sbrugna...
CVE-2022-27636
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, as well as F5 BIG-IP APM Clients 7.x versions prior to 7.2.1.5, BIG-IP Edge Client may log sensitive AP...
F5 BIG-IP APM 日志信息泄露漏洞
F5 BIG-IP APM and F5 BIG-IP APM Clients are both products of F5, Inc. F5 BIG-IP APM Clients is a suite of APM client software. F5 BIG-IP APM is vulnerable to log information disclosure, which can be exploited by attackers to view sensitive information related to APM sessions...
Hashicorp HashiCorp Vault 信息泄露漏洞
HashiCorp HashiCorp Vault is a private key access management tool from HashiCorp Hashicorp, USA. An information disclosure vulnerability exists in HashiCorp Vault, which stems from a misconfiguration of the product's cache that causes the browser to incorrectly cache sensitive information about a...
Information Disclosure
seamonkey is vulnerable to information disclosure. The vulnerability exists if a user has certain extensions installed, it could allow a malicious website to steal sensitive session data. Note: this flaw does not affect a default installation of SeaMonkey...
PYSEC-2012-1
Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors...
CentOS Update for firefox CESA-2008:0103 centos3 x86_64
Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2008:0103 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...