Lucene search
K

133 matches found

Github Security Blog
Github Security Blog
added 2021/07/01 5:2 p.m.73 views

Unencrypted storage of client side sessions

Impact The default configuration of client side sessions results in unencrypted, but signed, data being set as cookie values. This means that if something sensitive goes into the session, it could be read by something with access to the cookies. Note: the documentation does point this out and...

7.5CVSS0.7AI score0.00455EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/06/29 7:15 p.m.9 views

CVE-2021-29481

Ratpack is a toolkit for creating web applications. In versions prior to 1.9.0, the default configuration of client side sessions results in unencrypted, but signed, data being set as cookie values. This means that if something sensitive goes into the session, it could be read by something with...

7.5CVSS5.7AI score0.00455EPSS
Exploits0References2
CVE
CVE
added 2021/05/06 1:49 p.m.66 views

CVE-2021-28128

Strapi up to version 3.6.0 contains an auth weakness in the admin panel: a user can change their own password without entering the current one. If an attacker gains any valid session, they can take over the account by changing the password. This aligns with the CVSS3.1/8.1 (HIGH) impact noted in ...

8.1CVSS8AI score0.0128EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2020/10/19 1:15 p.m.15 views

Session fixation

SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. The N-Central JSESSIONID cookie attribute is not checked against multiple sources such as sourceip, MFA claim, etc. as long as the victim stays logged in within N-Central. To take...

6.8CVSS8.4AI score0.02195EPSS
Exploits1References2Affected Software1
Microsoft Secure
Microsoft Secure
added 2020/04/16 4:0 p.m.55 views

Security guidance for remote desktop adoption

As the volume of remote workers quickly increased over the past two to three months, the IT teams in many companies scrambled to figure out how their infrastructures and technologies would be able to handle the increase in remote connections. Many companies were forced to enhance their capabiliti...

0.5AI score
Exploits0
Talos
Talos
added 2020/03/24 12:0 a.m.62 views

Intel Raid Web Console 3 add server denial-of-service vulnerability

Summary A remote, exploitable denial-of-service vulnerability exists in the web API functionality of Intel Raid Web Console 3. A specially crafted request can lead to a null pointer dereference in the Intel Raid Web Console server. This would result in a denial of service until the user restarts...

7.5CVSS7.5AI score0.01524EPSS
Exploits0
OSV
OSV
added 2019/07/17 2:15 p.m.6 views

CVE-2018-2021

IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155345...

6.1CVSS5.4AI score0.00901EPSS
Exploits0References2
Prion
Prion
added 2019/06/27 4:15 p.m.21 views

Authentication flaw

The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. Specifically, /cgi/loginDefaultUser creates a session in an authenticated state and returns the session ID along with what may be the...

5.8CVSS8.9AI score0.0526EPSS
Exploits2References4Affected Software1
exploitpack
exploitpack
added 2019/04/23 12:0 a.m.41 views

systemd - Lack of Seat Verification in PAM Module Permits Spoofing Active Session to polkit

systemd - Lack of Seat Verification in PAM Module Permits Spoofing Active Session to polkit As documented at , for any action, a polkit policy can specify separate levels of required authentication based on whether a client is: - in an active session on a local console - in an inactive session on...

7.3AI score
Exploits0
Hacker One
Hacker One
added 2018/11/06 6:45 a.m.21 views

Open-Xchange: No session expiry after log-out and session id exposed in URL

Hi, There is no session expiry after log-out which can help an attacker to take-over the full account by reusing it. The JSESSIONID which is vulnerable can be used unlimited times even after the password change. The server will keep on creating an unlimited number of sessions after each log-in...

6.8AI score
Exploits0
Broadcom
Broadcom
added 2018/10/29 12:0 a.m.7 views

BSA-2018-736

Security Advisory ID : BSA-2018-736 Component : Fabric OS WebGui Revision : 1.0: Initial The Web management interface of Brocade Fabric OS doesn’t send cookies with secure flag.This could allow attackers to intercept or manipulate a victim user's session ID. Affected Products Brocade Fabric OS...

7.5CVSS6.8AI score0.01206EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/06/12 12:0 a.m.40 views

Microsoft Windows: Network security: LAN Manager authentication level

This security setting determines which challenge/response authentication protocol is used for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers as follows: - Send ...

7.6AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/10/24 12:0 a.m.25 views

Fedora 23 : php (2016-0729e59542)

13 Oct 2016 - PHP version 5.6.27 Core: - Fixed bug php73025 Heap Buffer Overflow in virtualpopen of zendvirtualcwd.c. cmb - Fixed bug php73058 crypt broken when salt is 'too' long. Anatol - Fixed bug php72703 Out of bounds global memory read in BFcrypt triggered by passwordverify. Anatol - Fixed...

5.6AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/10/10 8:38 p.m.6 views

tomcat: Session fixation

A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests...

8.1CVSS7.2AI score0.10573EPSS
Exploits0References5
Check Point Advisories
Check Point Advisories
added 2016/02/23 12:0 a.m.24 views

Ignite Realtime Openfire group-summary.jsp Cross-Site Scripting (CVE-2015-6972)

A cross-site scripting vulnerability has been reported in Ignite Realtime Openfire Server. The vulnerability is due to insufficient validation of the "search" parameter within the group-summary.jsp page. By convincing an authenticated user to visit a malicious website, a remote attacker can explo...

4.3CVSS4.8AI score0.07998EPSS
Exploits2
Hacker One
Hacker One
added 2015/10/01 12:4 a.m.20 views

Imgur: "Sign me out everywhere" does not work for desktop sessions

An account option that allowed users to sign out everywhere was found to not be functioning properly. A user selecting this option was not signed out. A fix has been rolled out to update session security as a result of this report...

2.2AI score
Exploits0
myhack58
myhack58
added 2014/12/31 12:0 a.m.25 views

WSS is the latest version of any user of the password reset(official demo demo-the vulnerability warning-the black bar safety net

WSS latest version of the design flaws lead to arbitrary user password reset, including the administrator 文件 usereditpassword.php code area ? php $editFormAction = $SERVER'PHPSELF'; if isset$SERVER'QUERYSTRING' $editFormAction .= "?" . htmlentities$SERVER'QUERYSTRING'; $password = "-1"; if...

0.3AI score
Exploits0
Cvelist
Cvelist
added 2014/08/07 10:0 a.m.25 views

CVE-2014-3853

Pyplate 0.08 does not set the secure flag for the id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...

6.5AI score0.01296EPSS
Exploits1References2
OSV
OSV
added 2013/09/16 7:14 p.m.7 views

CVE-2013-4259

runner/connectionplugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/...

5.9AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/06/05 12:0 a.m.34 views

Mac OS X 10.8 < 10.8.4 Multiple Vulnerabilities (Security Update 2013-002)

Binary data 6857.prm...

9.3CVSS6.8AI score0.48298EPSS
Exploits14References25
Rows per page
Query Builder