Lucene search

11 matches found

EUVD
added 2025/10/03 8:07 p.m. | 1 view

EUVD-2025-10700

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.4 | EPSS 0.00224
Exploits: 0 | References: 2
NVD
added 2025/04/10 6:15 p.m. | 7 views

CVE-2025-22232

Spring Cloud Config Server may not use Vault token sent by clients using a X-CONFIG-TOKEN header when making requests to Vault. Your application may be affected by this if the following are true: You have Spring Vault on the classpath of your Spring Cloud Config Server and You are using the...

CVSS 5.3 | EPSS 0.00224
Exploits: 0 | References: 1
Cvelist
added 2025/04/10 5:26 p.m. | 11 views

CVE-2025-22232 Spring Cloud Config Server May Not Use Vault Token Sent By Clients

Spring Cloud Config Server may not use Vault token sent by clients using a X-CONFIG-TOKEN header when making requests to Vault. Your application may be affected by this if the following are true: You have Spring Vault on the classpath of your Spring Cloud Config Server and You are using the...

CVSS 5.3 | EPSS 0.00224
Exploits: 0 | References: 1
CVE
added 2025/04/10 5:26 p.m. | 55 views

CVE-2025-22232

Summary: CVE-2025-22232 affects Spring Cloud Config Server when used with Vault and X-CONFIG-TOKEN. The issue arises because the default SessionManager (LifecycleAwareSessionManager or similar) persists the first Vault token it retrieves and continues using it, even if clients send a different to...

CVSS 5.3 | AI score 5.2 | EPSS 0.00224
Exploits: 0 | References: 1
OpenVAS
added 2024/06/10 12:00 a.m. | 14 views

Mageia: Security Advisory (MGASA-2024-0214)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 7.6 | EPSS 0.00096
Exploits: 0 | References: 4
Github Security Blog
added 2024/06/07 8:20 p.m. | 5 views

Zendframework session validation vulnerability

Zend\Session session validators do not work as expected if set prior to the start of a session. For instance, the following test case fails where $this->manager is an instance of Zend\Session\SessionManager: $this->manager->getValidatorChain()->attach('session.validate', array(new RemoteAddr(), 'isValid...

AI score 6.7
Exploits: 0 | References: 9 | Affected Software: 1
The Hacker News
added 2022/07/27 7:17 a.m. | 40 views

Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access

Threat actors are increasingly abusing Internet Information Services (IIS) extensions to backdoor servers as a means of establishing a "durable persistence mechanism." That's according to a new warning from the Microsoft 365 Defender Research Team, which said that "IIS backdoors are also harder to...

AI score 0.3
Exploits: 0
The Hacker News
added 2022/07/01 10:03 a.m. | 58 views

New 'SessionManager' Backdoor Targeting Microsoft IIS Servers in the Wild

A newly discovered malware has been put to use in the wild at least since March 2021 to backdoor Microsoft Exchange servers belonging to a wide range of entities worldwide, with infections lingering in 20 organizations as of June 2022. Dubbed SessionManager, the malicious tool masquerades as a...

AI score 0.4
Exploits: 0
Securelist
added 2022/06/30 8:00 a.m. | 64 views

The SessionManager IIS backdoor

Following on from our earlier Owowa discovery, we continued to hunt for more backdoors potentially set up as malicious modules within IIS, a popular web server edited by Microsoft. And we didn't come back empty-handed… In 2021, we noticed a trend among several threat actors for deploying a backdoo...

AI score 0.7
Exploits: 0
Positive Technologies
added 2021/02/09 12:00 a.m. | 1 view

PT-2021-17177 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions prior to 1.8.4 Description: The issue arises from the fact that tokens remain active even after the associated user account has been disabled. This is due to a problem in the util/session/sessionmanager.go file...

CVSS 6.5 | AI score 6.8 | EPSS 0.00242
Exploits: 0 | References: 9
CVE
added 2017/08/07 5:00 p.m. | 46 views

CVE-2015-1555

Zend Framework 2.2.x prior to 2.2.9 and 2.3.x prior to 2.3.4 are vulnerable in Zend\Session/SessionManager to a session validation bypass that allows remote attackers to create valid sessions without session validators. Root cause: improper session validation logic in SessionManager. Impact: pote...

CVSS 9.1 | AI score 9.1 | EPSS 0.00289
Exploits: 0 | References: 1 | Affected Software: 1