Lucene search
K

8 matches found

EUVD
EUVD
added 2026/05/29 5:46 p.m.10 views

EUVD-2026-33402

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, SillyTavern relies on cookie-session for authentication, storing all session data user handle,...

7.5CVSS5.8AI score0.00394EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-39153

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. Response headers do not vary on cookies if a session is not modified, but SESSION SAVE EVERY REQUEST is True. A remote attacker can steal a user's session after that user visits a cached public page. Earlier, unsupported Django...

6.5CVSS5.8AI score0.00544EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8259

Malware in sbrugna...

8.1CVSS8AI score0.01626EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-16243

Malware in sbrugna...

4.3CVSS4.2AI score0.00511EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 8:37 a.m.7 views

CVE-2019-19737

MFScripts YetiShare 3.5.2 through 4.5.3 does not set the SameSite flag on session cookies, allowing the cookie to be sent in cross-site requests and potentially be used in cross-site request forgery attacks...

8.8CVSS6.9AI score0.00452EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/17 9:59 p.m.17 views

CVE-2025-47275

Auth0-PHP provides the PHP SDK for Auth0 Authentication and Management APIs. Starting in version 8.0.0-BETA1 and prior to version 8.14.0, session cookies of applications using the Auth0-PHP SDK configured with CookieStore have authentication tags that can be brute forced, which may result in...

9.1CVSS7AI score0.00467EPSS
Exploits0References1
NVD
NVD
added 2025/05/15 10:15 p.m.13 views

CVE-2025-47275

Auth0-PHP provides the PHP SDK for Auth0 Authentication and Management APIs. Starting in version 8.0.0-BETA1 and prior to version 8.14.0, session cookies of applications using the Auth0-PHP SDK configured with CookieStore have authentication tags that can be brute forced, which may result in...

9.1CVSS0.00467EPSS
Exploits0References6
NVD
NVD
added 2003/12/31 5:0 a.m.14 views

CVE-2003-1249

WebIntelligence 2.7.1 uses guessable user session cookies, which allows remote attackers to hijack sessions...

7.5CVSS6.7AI score0.0259EPSS
Exploits0References6
Rows per page
Query Builder