CVE-2021-47740 KZTech JT3500V 4G LTE CPE 2.0.1 Insufficient Session Expiration Vulnerability

KZTech JT3500V 4G LTE CPE 2.0.1 contains a session management vulnerability that allows attackers to reuse old session credentials without proper expiration. Attackers can exploit the weak session handling to maintain unauthorized access and potentially compromise device authentication mechanisms...

EUVD-2016-6959

Malware in sbrugna...

EUVD-2024-17624

Malicious code in bioql PyPI...

CVE-2024-1902

lunary-ai/lunary is vulnerable to a session reuse attack, allowing a removed user to change the organization name without proper authorization. The vulnerability stems from the lack of validation to check if a user is still part of an organization before allowing them to make changes. An attacker...

CVE-2024-1902

CVE-2024-1902 affects lunary-ai/lunary. The issue is a session-reuse vulnerability where a removed user can alter an organization’s name using an old authorization token via the orgs.patch route. Root cause: lack of validation to verify membership in the organization before permitting changes, du...

CVE-2016-6025

The Configuration Manager in IBM Sterling Secure Proxy SSP 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to obtain access by leveraging an unattended workstation to conduct a post-logoff session-reuse attack involving a modified URL...