6 matches found
EUVD-2025-27766
Malicious code in bioql PyPI...
CVE-2025-30038
The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream ADS for all files downloaded from potentially untrusted sources...
CVE-2025-30038
The CVE-2025-30038 vulnerability concerns a session ID leak when saving a file downloaded from CGM CLININET. The exposed identifier is stored in an NTFS alternate data stream (ADS) via a built-in Windows security feature that preserves extra metadata for files downloaded from potentially untruste...
Graylog 日志信息泄露漏洞
Graylog is a centralized log management solution from Graylog USA. The product supports capturing, storing and analyzing logs in real time, among other things. Graylog suffers from a privilege permission and access control issue vulnerability that stems from a session ID leak in the DEBUG log fil...
rubygem-rack: hijack sessions by using timing attacks targeting the session id
A flaw was found in rubygem-rack in versions prior to 1.6.12 and 2.0.8. An information leak may allow an attacker to find and hijack sessions using timing attacks targeting the session ID. The highest threat from the vulnerability is to data confidentiality...
rubygem-rack: hijack sessions by using timing attacks targeting the session id
A flaw was found in rubygem-rack in versions prior to 1.6.12 and 2.0.8. An information leak may allow an attacker to find and hijack sessions using timing attacks targeting the session ID. The highest threat from the vulnerability is to data confidentiality...