3 matches found
CVE-2026-27193
Feathersjs versions ≤ 5.0.39 store all HTTP request headers in the signed but unencrypted session cookie. The complete headers object (including internal proxy/gateway headers, API keys, tokens, and internal IPs) is base64-encoded in the cookie and readable by clients, exposing sensitive infrastr...
CVE-2021-3882
LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. By tricking a user into using an unencrypted connection (HTTP), an attacker may be able to obtain the authentication data by capturing network...
Apple fixes a serious iOS vulnerability that lets hackers steal cookies from the device - CVE-2016-1730 - vulnerability warning - the black bar safety net
Apple recently fixed a serious iOS vulnerability. The vulnerability allows hackers to masquerade as the end user and gain read and write access to unencrypted web cookies. With the Tuesday release of iOS 9.2.1, the vulnerability is repaired, from it first being reported to Apple has last...