Insufficient Session Expiration

Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Insufficient Session Expiration due to improper session management when user permissions are changed. An attacker can retain unauthorized access to resource...

CVE-2023-49091

Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. Cosmos-server is vulnerable due to to the authorization header used for user login remaining valid and not expiring after log out. This vulnerability allows an...

EUVD-2019-16890

Malware in sbrugna...

EUVD-2018-3506

Malware in sbrugna...

EUVD-2009-1629

Malware in sbrugna...

EUVD-2021-25260

Malware in sbrugna...

EUVD-2015-0012

Malware in sbrugna...

EUVD-2020-12602

Malware in sbrugna...

EUVD-2018-3505

Malware in sbrugna...

EUVD-2024-45177

Malicious code in bioql PyPI...

EUVD-2021-29719

Malicious code in bioql PyPI...

EUVD-2024-41492

Malicious code in bioql PyPI...

EUVD-2024-16028

Malicious code in bioql PyPI...

EUVD-2021-7891

Malicious code in bioql PyPI...

EUVD-2023-24433

Malicious code in bioql PyPI...

IBM Transformation Extender Advanced 代码问题漏洞

IBM Transformation Extender Advanced is a data transformation, validation and standardization tool software from International Business Machines IBM. A code issue vulnerability exists in IBM Transformation Extender Advanced version 10.0.1 that stems from a failure to disable a session after loggi...

CVE-2024-28077

A denial-of-service issue was discovered on certain GL-iNet devices. Some websites can detect devices exposed to the external network through DDNS, and consequently obtain the IP addresses and ports of devices that are exposed. By using special usernames and special characters such as half...

CVE-2021-38823

The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an admin account does not invalidate an admin session that is opened in a different browser...

ABB Cylon Aspect 3.08.02 (MIX) Session Validation Bypass

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect suffers from a broken session management issue. The...

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a password change. The flaw, assigned the CVE identifier CVE-2025-24859 , carries a CVSS score of...