Advantech ADAM-5630 Use of Persistent Cookies Containing Sensitive Information (CVE-2024-39275)
Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user. This plugin...
CVE-2024-43181
IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...
CVE-2024-43181
IBM Concert Software versions 1.0.0–2.1.0 do not invalidate sessions after logout, enabling an authenticated user to impersonate another user. Red Hat and ENISA entries confirm this behavior across multiple feeds. Root cause: insufficient session invalidation on logout. Impact: potential account ...
PT-2026-5867
Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description The software does not invalidate user sessions after logout. This could allow an authenticated user to impersonate another user on the system. Recommendations Update to a version later than...
CVE-2025-36063
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system...
CVE-2025-34410
1Panel versions 1.10.33–2.0.15 have a CSRF in Change Username under /settings/panel. The endpoint lacks anti-CSRF tokens and Origin/Referer checks, enabling an attacker to submit a username-change request via a malicious page while the victim is authenticated. The victim’s username can be changed...
EUVD-2018-12071
Malware in sbrugna...
EUVD-2018-7212
Malware in sbrugna...
EUVD-2023-59745
Malicious code in bioql PyPI...
EUVD-2023-28495
Malicious code in bioql PyPI...
EUVD-2025-8123
Malicious code in bioql PyPI...
EUVD-2023-53781
Malicious code in bioql PyPI...
CVE-2025-55162
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In versions below 1.32.10 and 1.33.0 through 1.33.6, 1.34.0 through 1.34.4 and 1.35.0, insufficient Session Expiration in the Envoy OAuth2 filter leads to failed logout operations. Whe...
Linux Distros Unpatched Vulnerability : CVE-2025-2596
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Session logout could be overwritten in Checkmk GmbH's Checkmk versions 2.3.0p30, 2.2.0p41, and 2.1.0p49 EOL CVE-2025-2596 Note that Nessus relies on the presenc...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from ksmbd not properly handling sess-user references during session logout, which could lead to reuse after release...
CVE-2024-22351
IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...
CVE-2024-25051
IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system...
CVE-2023-52975
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
CVE-2025-2596
Session logout could be overwritten in Checkmk GmbH's Checkmk versions 2.3.0p30, 2.2.0p41, and 2.1.0p49 EOL...
CVE-2023-52975
CVE-2023-52975 affects the Linux kernel SCSI/iscsi_tcp component. A use-after-free (UAF) can occur during iSCSI session logout if another task accesses the shost ipaddress attribute, triggering KASAN reports. The issue has concrete fixes in the Linux kernel (e.g., commits in the referenced reposi...