Lucene search
K

42 matches found

EUVD
EUVD
added 2026/06/26 12:32 a.m.7 views

EUVD-2026-39597

The Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and earlier uses MD5 to generate a request signature for authenticating communications between the mobile client and the backend REST API. Attackers could potentially reverse the signature to recover the session ID. With the...

8.7CVSS5.9AI score0.00161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.14 views

Debian dla-4602 : lemonldap-ng - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4602 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4602-1 [email protected]...

8CVSS6AI score0.01185EPSS
Exploits0References6
NVD
NVD
added 2026/05/06 1:16 p.m.16 views

CVE-2026-5081

Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId added in version 1.54 uses the value of the UNIQUEID environment variable for the session id. The UNIQUEID variable is set by the Apache moduniqueid...

9.1CVSS0.00302EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.4 views

CVE-2026-33043

WWBN AVideo is an open source video platform. In versions 25.0 and below, /objects/phpsessionid.json.php exposes the current PHP session ID to any unauthenticated request. The allowOrigin function reflects any Origin header back in Access-Control-Allow-Origin with Access-Control-Allow-Credentials...

8.1CVSS5.8AI score0.00345EPSS
Exploits1References1
OSV
OSV
added 2026/03/17 7:52 p.m.5 views

GHSA-QC3P-398R-P59J AVideo affected by Session Hijacking via Unauthenticated Session ID Disclosure with Permissive CORS

Summary /objects/phpsessionid.json.php exposes the current PHP session ID to any unauthenticated request. The allowOrigin function reflects any Origin header back in Access-Control-Allow-Origin with Access-Control-Allow-Credentials: true, enabling cross-origin session theft and full account...

8.1CVSS5.9AI score0.00345EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2003-1302

Malware in sbrugna...

4.3CVSS6.4AI score0.00968EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-10120

Malware in sbrugna...

4.5CVSS4.7AI score0.00339EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-4334

Malware in sbrugna...

6.5CVSS4.7AI score0.02018EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2000-0712

Malware in sbrugna...

2.6CVSS6.4AI score0.011EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-0212

Malware in sbrugna...

4.3CVSS6.3AI score0.01334EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-7152

Malware in sbrugna...

6.8CVSS6.4AI score0.00574EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-5056

Malware in sbrugna...

5CVSS6.4AI score0.01135EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-1837

Malware in sbrugna...

5CVSS6.4AI score0.01098EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-9499

Malware in sbrugna...

6.5CVSS7AI score0.00592EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-2864

Malicious code in bioql PyPI...

4.3CVSS6.8AI score0.06232EPSS
Exploits0References68
RedhatCVE
RedhatCVE
added 2025/05/23 9:28 a.m.5 views

CVE-2024-37183

Plain text credentials and session ID can be captured with a network sniffer...

6.9CVSS7AI score0.00246EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:17 a.m.12 views

CVE-2019-6656

BIG-IP APM Edge Client before version 7.1.8 7180.2019.508.705 logs the full apm session ID in the log files. Vulnerable versions of the client are bundled with BIG-IP APM versions 15.0.0-15.0.1, 14,1.0-14.1.0.6, 14.0.0-14.0.0.4, 13.0.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5. In BIG-IP APM...

7.5CVSS6.9AI score0.01356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 7:9 p.m.8 views

CVE-2007-6470

phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read session ID values in files under tmp/, and then hijack sessions via PHPSESSID cookies...

6.4CVSS6.7AI score0.02088EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2025/01/29 3:31 p.m.14 views

RuoYi allowed unauthorized attackers to view the session ID of the admin in the system monitoring

RuoYi v4.8.0 was discovered to allow unauthorized attackers to view the session ID of the admin in the system monitoring. This issue can allow attackers to impersonate Admin users via using a crafted cookie...

7.2CVSS6.8AI score0.0062EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/01/29 3:31 p.m.6 views

GHSA-V664-QGX9-WF79 RuoYi allowed unauthorized attackers to view the session ID of the admin in the system monitoring

RuoYi v4.8.0 was discovered to allow unauthorized attackers to view the session ID of the admin in the system monitoring. This issue can allow attackers to impersonate Admin users via using a crafted cookie...

8.8CVSS6.8AI score0.0062EPSS
Exploits1References5
Rows per page
Query Builder