Lucene search
+L

8 matches found

snyk
snyk
added 2025/09/15 6:31 p.m.6 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input when handling InternetDomainName values. An attacker can access cookies set by the application across subdomains by controlling a website that shares the same top-level domain...

7.5CVSS6.6AI score0.00375EPSS
Exploits0References2
snyk
snyk
added 2025/03/12 10:6 p.m.2 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview flarum/core is a simple discussion platform for your website. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via authoritative subdomain cookie overwrite. An attacker controlling a...

7.6CVSS6.8AI score0.00463EPSS
Exploits0References2
osv
osv
added 2023/08/18 11:5 a.m.4 views

OESA-2023-1515 python-werkzeug security update

werkzeug German noun: "tool". Etymology: werk "work", zeug "stuff" Werkzeug is a comprehensive WSGI web application library. It began as a simple collection of various utilities for WSGI applications and has become one of the most advanced WSGI utility libraries. It includes: - An interactive...

7.5CVSS7AI score0.0142EPSS
Exploits0References3
osv
osv
added 2023/02/06 11:15 p.m.4 views

CVE-2023-23849

Versions of Coverity Connect prior to 2022.12.0 are vulnerable to an unauthenticated Cross-Site Scripting vulnerability. Any web service hosted on the same sub domain can set a cookie for the whole subdomain which can be used to bypass other mitigations in place for malicious purposes...

6.1CVSS6.4AI score0.01298EPSS
Exploits0References1
nvd
nvd
added 2007/04/24 5:19 p.m.13 views

CVE-2007-0742

The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information...

7.8CVSS5.9AI score0.0331EPSS
Exploits0References8
prion
prion
added 2007/04/24 5:19 p.m.14 views

Information disclosure

The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information...

7.8CVSS6AI score0.0331EPSS
Exploits0References8Affected Software1
cve
cve
added 2007/04/24 5:0 p.m.45 views

CVE-2007-0742

CVE-2007-0742 : The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, enabling remote attackers to obtain sensitive information. Affected: Mac OS X 10.3.9 and earlier (WebFoundation-related cookie handling). Impact: potentia...

7.8CVSS5.9AI score0.0331EPSS
Exploits0References8Affected Software1
cvelist
cvelist
added 2007/04/24 5:0 p.m.21 views

CVE-2007-0742

The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information...

5.9AI score0.0331EPSS
Exploits0References8
Rows per page
Query Builder