Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27766

Malicious code in bioql PyPI...

9.4CVSS6.2AI score0.00231EPSS
Exploits0References1
NVD
NVD
added 2025/08/27 11:15 a.m.4 views

CVE-2025-30038

The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream ADS for all files downloaded from potentially untrusted sources...

7.3CVSS0.00157EPSS
Exploits0References1
CVE
CVE
added 2025/08/27 10:20 a.m.15 views

CVE-2025-30038

The CVE-2025-30038 vulnerability concerns a session ID leak when saving a file downloaded from CGM CLININET. The exposed identifier is stored in an NTFS alternate data stream (ADS) via a built-in Windows security feature that preserves extra metadata for files downloaded from potentially untruste...

7.3CVSS6.2AI score0.00157EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/31 12:0 a.m.4 views

Graylog 日志信息泄露漏洞

Graylog is a centralized log management solution from Graylog USA. The product supports capturing, storing and analyzing logs in real time, among other things. Graylog suffers from a privilege permission and access control issue vulnerability that stems from a session ID leak in the DEBUG log fil...

9.8CVSS5.6AI score0.01286EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/10/27 12:58 p.m.5 views

rubygem-rack: hijack sessions by using timing attacks targeting the session id

A flaw was found in rubygem-rack in versions prior to 1.6.12 and 2.0.8. An information leak may allow an attacker to find and hijack sessions using timing attacks targeting the session ID. The highest threat from the vulnerability is to data confidentiality...

6.3CVSS6.6AI score0.03687EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/06/10 1:40 p.m.4 views

rubygem-rack: hijack sessions by using timing attacks targeting the session id

A flaw was found in rubygem-rack in versions prior to 1.6.12 and 2.0.8. An information leak may allow an attacker to find and hijack sessions using timing attacks targeting the session ID. The highest threat from the vulnerability is to data confidentiality...

6.3CVSS6.6AI score0.03687EPSS
Exploits0References5
Rows per page
Query Builder