481 matches found
CVE-2026-46538
Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...
EUVD-2026-32677
Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...
CVE-2026-46538
Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...
CVE-2026-46538
CVE-2026-46538 affects Microsoft UFO open-source framework; in version 3.0.1-4-ge2626659, the constellation client tracks pending task responses by session_id and does not bind completion to the originating device. An authenticated peer can forge a TASK_END with the same session_id to inject atta...
UFO³ 数据伪造问题漏洞
UFO³ is an open-source cross-device collaboration multi-agent task orchestration tool developed by Microsoft. Version UFO³ 3.0.1-4-ge2626659 contains a data manipulation vulnerability. This vulnerability arises from the fact that task responses are tracked using only the sessionid without verifyi...
CVE-2026-44064 ASP session ID out-of-bounds access
An out-of-bounds read in ASP session ID handling in Netatalk 1.3 through 4.4.2 allows an adjacent network attacker to obtain limited information or cause a denial of service via a crafted ASP request...
CVE-2026-44064 ASP session ID out-of-bounds access
An out-of-bounds read in ASP session ID handling in Netatalk 1.3 through 4.4.2 allows an adjacent network attacker to obtain limited information or cause a denial of service via a crafted ASP request...
libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...
CVE-2026-32848
NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodevop within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems. Attackers can exploit...
CVE-2026-32848
CVE-2026-32848 concerns NetBSD: a race condition in the cryptodev_op() function of the opencrypto subsystem that can, under SMP, be triggered by concurrently issuing CIOCCRYPT operations on the same session identifier. The vulnerability allows a local attacker to exploit mutable per-operation sta...
CVE-2026-32848 NetBSD cryptodev Race Condition Double-Free via cryptodev_op()
NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodevop within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems. Attackers can exploit...
EUVD-2026-29496
Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-8214
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...
CVE-2026-8214 Industrial Application Software IAS Canias ERP RMI doAction improper authentication
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...
CVE-2026-8214 Industrial Application Software IAS Canias ERP RMI doAction improper authentication
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...
PT-2026-39427
Name of the Vulnerable Software and Affected Versions Industrial Application Software IAS Canias ERP version 8.03 Description Improper authentication exists in the RMI Interface component. A remote attacker can manipulate the sessionId argument within the doAction function to bypass authenticatio...
Canias ERP 授权问题漏洞
Canias ERP is a comprehensive management system developed by the Swiss company Canias, covering enterprise resource planning and business process management. Version 8.03 of Canias ERP contains an authorization vulnerability. This vulnerability stems from the operation of the doAction function in...
CVE-2026-42276
Onyx has an IDOR vulnerability in POST /chat/stop-chat-session/{chat_session_id}. Authenticated users can stop other users’ active chat sessions because the endpoint authenticates the caller but does not verify that the session belongs to them. An attacker knowing a chat_session_id can interrupt ...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the GetSession function. An attacker can access sensitive SSH session data belonging to other tenants by providing a valid session UID and authenticating with any user account...
Session Fixation
Overview Affected versions of this package are vulnerable to Session Fixation due to the missing changeSessionId invocation after session binding. An attacker can hijack user sessions by exploiting the lack of session ID regeneration after authentication. Remediation Upgrade...