Lucene search
K

16 matches found

EUVD
EUVD
added yesterday4 views

EUVD-2026-43604

EIPStackGroup OpENer 2.3.0 commit 76b95cf suffers from an Incorrect Access Control vulnerability in its handling of encapsulation sessions. When the server processes critical encapsulation commands, it verifies whether the provided sessionhandle exists in the global session list, but it fails to...

9.1CVSS6.1AI score0.00198EPSS
Exploits0References3
NVD
NVD
added 2 days ago6 views

CVE-2026-51538

EIPStackGroup OpENer 2.3.0 commit 76b95cf suffers from an Incorrect Access Control vulnerability in its handling of encapsulation sessions. When the server processes critical encapsulation commands, it verifies whether the provided sessionhandle exists in the global session list, but it fails to...

9.1CVSS0.00198EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-51538

EIPStackGroup OpENer 2.3.0 commit 76b95cf suffers from an Incorrect Access Control vulnerability in its handling of encapsulation sessions. When the server processes critical encapsulation commands, it verifies whether the provided sessionhandle exists in the global session list, but it fails to...

0.00198EPSS
Exploits0References2
CVE
CVE
added 2 days ago17 views

CVE-2026-51538

CVE-2026-51538 (OpENer 2.3.0) describes an Incorrect Access Control in encapsulation session handling. The server validates that a session_handle exists in the global list but does not verify that the handle belongs to the TCP connection issuing the request. With no strong binding between a sessi...

9.1CVSS6.1AI score0.00198EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.4 views

SUSE CVE-2020-15204

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference In linked snippet, in eager mode, ctx-sessionstate returns nullptr. Since...

5.3CVSS5.5AI score0.00903EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2021/04/27 6:55 a.m.16 views

kernel: iscsi: unrestricted access to sessions and handles

A flaw was found in the way access to sessions and handles was handled in the iSCSI driver in the Linux kernel. A local user could use this flaw to leak iSCSI transport handle kernel address or end arbitrary iSCSI connections on the system...

4.4CVSS6.8AI score0.00711EPSS
Exploits1References5
PyPA
PyPA
added 2020/09/25 7:15 p.m.9 views

PYSEC-2020-127

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference In linked snippet, in eager mode, ctx-sessionstate returns nullptr. Since...

5.3CVSS7.1AI score0.00903EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2020/09/25 7:15 p.m.8 views

PYSEC-2020-319

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference In linked snippet, in eager mode, ctx-sessionstate returns nullptr. Since...

5.3CVSS7.1AI score0.00903EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/09/25 7:15 p.m.8 views

PYSEC-2020-127

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference In linked snippet, in eager mode, ctx-sessionstate returns nullptr. Since...

5.3CVSS5.9AI score0.00903EPSS
Exploits1References4
OSV
OSV
added 2020/09/25 7:15 p.m.6 views

PYSEC-2020-319

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference In linked snippet, in eager mode, ctx-sessionstate returns nullptr. Since...

5.3CVSS6.1AI score0.00903EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2020/09/25 6:46 p.m.4 views

CVE-2020-15204

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference In linked snippet, in eager mode, ctx-sessionstate returns nullptr. Since...

5.3CVSS7.1AI score0.00903EPSS
Exploits1
OSV
OSV
added 2020/09/25 6:28 p.m.6 views

GHSA-Q8GV-Q7WR-9JF8 Segfault in Tensorflow

Impact In eager mode, TensorFlow does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference:...

6.9CVSS6AI score0.00903EPSS
Exploits1References9
seebug.org
seebug.org
added 2015/03/08 12:0 a.m.49 views

ThinkPHP一处过滤不当造成SQL注入漏洞

简要描述: 内核中某个模块开发的太粗糙啦。 详细说明: 问题出现在session,Thinkphp支持更换session handle。 handle中包括Db和Memcache,如下配置即可使用数据库作为session的存储器: 设置了选项后,在数据库里插入这个表(前缀think可以自己定义): / 数据库方式Session驱动 CREATE TABLE thinksession sessionid varchar255 NOT NULL, sessionexpire int11 NOT NULL, sessiondata blob, UNIQUE KEY sessionid...

7.1AI score
Exploits0
NVD
NVD
added 2009/06/25 11:14 p.m.18 views

CVE-2009-2219

Multiple cross-site scripting XSS vulnerabilities in phpCollegeExchange 0.1.5c allow remote attackers to inject arbitrary web script or HTML via the 1 SESSIONhandle parameter to a home.php, b books/allbooks.php, or c books/home.php; or the 2 home parameter to d ihead.php or e inav.php, or f...

4.3CVSS5.8AI score0.01216EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2009/06/25 11:14 p.m.3 views

CVE-2009-2219

Multiple cross-site scripting XSS vulnerabilities in phpCollegeExchange 0.1.5c allow remote attackers to inject arbitrary web script or HTML via the 1 SESSIONhandle parameter to a home.php, b books/allbooks.php, or c books/home.php; or the 2 home parameter to d ihead.php or e inav.php, or f...

4.3CVSS5.4AI score0.01216EPSS
Exploits0References3
Cvelist
Cvelist
added 2009/06/25 9:0 p.m.22 views

CVE-2009-2219

Multiple cross-site scripting XSS vulnerabilities in phpCollegeExchange 0.1.5c allow remote attackers to inject arbitrary web script or HTML via the 1 SESSIONhandle parameter to a home.php, b books/allbooks.php, or c books/home.php; or the 2 home parameter to d ihead.php or e inav.php, or f...

5.8AI score0.01216EPSS
Exploits0References2
Rows per page
Query Builder