Lucene search
K

72 matches found

Cvelist
Cvelist
added 2025/01/04 12:0 a.m.29 views

CVE-2025-22386

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity session issue exists in the Commerce B2B application, affecting the longevity of active sessions in the storefront. This allows session tokens tied to logged-out sessions to still be active and usable...

0.00279EPSS
Exploits0References1
Citrix
Citrix
added 2024/09/11 12:0 a.m.6 views

The '?/' key on a Portuguese (Brazil) ABNT2 keyboard does not function in Linux sessions

When launching a Citrix session from an endpoint using Windows and a ABNT2 - Portuguese Brazil keyboard layout, the Windows keyboard key '?/' does not function inside a Linux VDA published desktop or application session...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2024/08/13 12:0 a.m.2 views

IBM Cloud Pak for Security和IBM QRadar Suite 代码问题漏洞

IBM Cloud Pak for Security and IBM QRadar Suite are both products of International Business Machines IBM, U.S.A. IBM Cloud Pak for Security is a software application. An open security platform that connects to your existing data sources to generate deeper insights and enables you to take automate...

4.7CVSS6.4AI score0.00285EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.9 views

PT-2024-40176 · Packagist · Typo3/Cms-Core

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned, use: Software affected versions not specified Description: A security issue has been found where session data of authenticated frontend users is not properly cleared during the logout process. As a...

8.2CVSS7AI score
Exploits0References6
OSV
OSV
added 2023/10/26 8:26 a.m.22 views

SUSE-SU-2023:4210-1 Security update for jetty-minimal

This update for jetty-minimal fixes the following issues: - Updated to version 9.4.53.v20231009: - CVE-2023-44487: Fixed a potential denial of service scenario via RST frame floods bsc1216169. - CVE-2023-36478: Fixed an integer overflow in the HTTP/2 HPACK decoder bsc1216162. - CVE-2023-40167:...

7.5CVSS7.8AI score0.99999EPSS
Exploits22References11
Citrix
Citrix
added 2023/10/26 12:0 a.m.10 views

Unable to launch HTML5 sessions via gateway when using Secure Storefront IIS

Unable to launch a published desktop session using Citrix Workspace app for HTML5 when connection is via NetScaler. Desktop launches fine when not going through HTML5. When launching directly from Storefront, bypassing netscaler, HTML5 session launches without any issues. When launching HTML5...

7AI score
Exploits0
CNNVD
CNNVD
added 2023/10/19 12:0 a.m.3 views

HCL Technologies Compass 代码问题漏洞

HCL Technologies Compass is a low-code change management software from HCL Technologies, USA. Manages the full range of testing activities and integration with developer tools. HCL Technologies Compass suffers from an Access Control Error vulnerability that stems from the application not disablin...

7.1CVSS6.6AI score0.00292EPSS
Exploits0References2
CVE
CVE
added 2023/05/16 4:0 p.m.58 views

CVE-2023-33005

CVE-2023-33005 concerns the Jenkins WSO2 Oauth Plugin (1.0 and earlier) not invalidating a previous login session, creating a session-fixation risk. The vulnerability is described across multiple sources as allowing an attacker to reuse an existing authenticated session or trick a user into a log...

5.4CVSS5.5AI score0.00431EPSS
Exploits0References1Affected Software1
Citrix
Citrix
added 2023/04/21 12:0 a.m.29 views

Unable to launch ICA session due to wfica32.exe signature validation failure

After upgrading Citrix Workspace App to 2203 CU2 and 2210.5 and above in customer's client machine, ICA session became unable to launch. Specifically, ICA file can be downloaded but wfica32.exe never starts. The issue doesn't occur in the same client machine with Citrix Workspace App for Windows...

7.1AI score
Exploits0
Citrix
Citrix
added 2023/04/18 12:0 a.m.11 views

Native Windows Camera application is not working in Citrix session.

Native Windows Camera application is not working in Citrix session. Issue is not seen in a RDP session...

7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2022/11/03 12:0 a.m.7 views

CVE-2022-39234 user session persists even after permanently deleting account in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Deleted/deactivated user could continue to use their account as long as its cookie is valid. This iss...

4.7CVSS8.7AI score0.00385EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/10/06 12:0 a.m.3 views

CVE-2022-41291

IBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699...

6.5CVSS5.8AI score0.00348EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/06/27 6:6 p.m.10 views

OPENSUSE-SU-2021:0934-1 Security update for tpm2.0-tools

This update for tpm2.0-tools fixes the following issues: - CVE-2021-3565: Fixed issue when no encrypted session with the TPM is used bsc1186490. This update was imported from the SUSE:SLE-15-SP2:Update update project...

5.9CVSS6AI score0.01327EPSS
Exploits0References3
Citrix
Citrix
added 2021/06/14 12:0 a.m.9 views

Unable to launch a VDI (second hop) within a active VDI session (first hop), error “An incorrect pin was presented to the security device”

The customer has FAS in place and it is working fine They are testing the VDI sessions and users can launch Desktops when using their workstations endpoints If they try to launch a second Desktop session second hop within the current VDI session using CWA, they get an error “An incorrect pin was...

7.1AI score
Exploits0
Citrix
Citrix
added 2021/04/01 12:0 a.m.6 views

Keyboard Input Fails in Citrix Session from Receiver for Mac with OSX 10.9.5

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. In a Citrix session, keyboard is unresponsive from Receiver for Mac with OSX 10.9.5...

7AI score
Exploits0
Citrix
Citrix
added 2021/03/24 12:0 a.m.7 views

"Http/1.1 Internal Server Error 43531" when accessing Citrix Gateway after upgrading to version 13.0

Users will get the error "Http/1.1 Internal Server Error 43531" The ns.log will give error as below: Dec 23 14:52:26 , aaainfo flags 11 flags2 0, new webview 0, sess flags2 0, flags3 0 flags4 400 ssoDomain , ssoUsername: , ssoUsername2: " Dec 23 14:52:26 XXX.XXX.X.XXX 12/23/2020:19:52:26 GMT...

7.2AI score
Exploits0
OSV
OSV
added 2021/02/19 7:15 p.m.9 views

CVE-2021-27351

The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session...

5.3CVSS6.7AI score0.00843EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/02/17 12:0 a.m.7 views

PT-2021-15140 · Jetty +1 · Jetty +1

Name of the Vulnerable Software and Affected Versions: Gerrit affected versions not specified Description: The issue arises when any git operation is passed through Jetty, creating a session without an expiry date. Since Jetty does not automatically dispose of the session, multiple git actions ca...

7.5CVSS7.5AI score0.00355EPSS
Exploits0References6
Citrix
Citrix
added 2020/04/08 12:0 a.m.11 views

On mobile device on-screen keyboard does not appear in ICA/HDX session automatically

On mobile device on-screen keyboard does not appear when user tap a field to edit in the application of desktop session. User need to manually select keyboard from desktop viewer...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2020/01/29 12:0 a.m.5 views

PT-2020-1569 · Openbsd +1 · Opensmtpd +1

Name of the Vulnerable Software and Affected Versions: OpenSMTPD versions 6.6 Description: The issue is related to the smtp mailaddr function in the smtp session.c file of the OpenSMTPD mail daemon, which is used in OpenBSD and other products. It allows remote attackers to execute arbitrary...

10CVSS8.3AI score0.98946EPSS
Exploits41References76
Rows per page
Query Builder