5 matches found
MiracleLinux 8 : httpd:2.4 (AXSA:2025-10834:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10834:01 advisory. httpd: insufficient escaping of user-supplied data in modssl CVE-2024-47252 httpd: modssl: access control bypass by trusted clients is possible usi...
EUVD-2023-12886
Malicious code in bioql PyPI...
SUSE-SU-2021:1162-1 Security update for rubygem-actionpack-4_2
This update for rubygem-actionpack-42 fixes the following issues: - CVE-2019-16782: Possible Information Leak / Session Hijack Vulnerability in Rack bsc1159548...
SUSE-SU-2020:0359-1 Security update for rubygem-rack
This update for rubygem-rack to version 2.0.8 fixes the following issues: - CVE-2018-16471: Fixed a cross-site scripting XSS flaw via the scheme method on Rack::Request bsc1116600. - CVE-2019-16782: Fixed a possible information leak and session hijack vulnerability bsc1159548...
CVE-2009-2165
SerendipityNZ aka SimpleBoxes Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id...