12 matches found

Cvelist
added 2026/06/09 3:49 a.m. · 38 views

CVE-2026-41838 Spring Framework Predictable Session ID in WebSocket Module

IDs for WebSocket sessions in the spring-websocket module are not cryptographically unpredictable, which may be possible to exploit in combination with inadequate authorization rules. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 throug...

CVSS 4.8 · EPSS 0.00171
Exploits 0 · References 1

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2018-17232

Malware in sbrugna...

CVSS 7.5 · AI score 7.8 · EPSS 0.01977
Exploits 0 · References 4

Tenable Nessus
added 2025/08/21 12:00 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-23790

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes. This issue...

CVSS 9.8 · AI score 7.3 · EPSS 0.00253
Exploits 0 · References 2

SUSE CVE
added 2025/01/28 12:19 a.m. · 3 views

SUSE CVE-2025-24390

A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023.X OTRS 2024.X...

CVSS 6.8 · AI score 6.8 · EPSS 0.00195
Exploits 0 · References 3

UbuntuCve
added 2024/01/29 10:15 a.m. · 17 views

CVE-2024-23790

Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to missing check of filetypes. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1...

CVSS 9.8 · AI score 7.2 · EPSS 0.00253
Exploits 0 · References 2

Positive Technologies
added 2022/09/09 12:00 a.m. · 9 views

PT-2022-20747 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 7.0.x and earlier Description: The issue allows authenticated users to cause resource exhaustion on specific system configurations, resulting in server-side Denial of Service, due to insufficient limitation of the in-memor...

CVSS 6.5 · AI score 6.2 · EPSS 0.00874
Exploits 0 · References 7

Positive Technologies
added 2020/01/01 12:00 a.m. · 4 views

PT-2020-9940 · Otrs +2 · Otrs +2

Name of the Vulnerable Software and Affected Versions: Open Ticket Request System OTRS versions 7.0.x through 7.0.12 Open Ticket Request System OTRS Community Edition versions 5.0.x through 5.0.38 Open Ticket Request System OTRS Community Edition versions 6.0.x through 6.0.23 Description: An issu...

CVSS 9.8 · AI score 6.9 · EPSS 0.99019
Exploits 18 · References 151

Positive Technologies
added 2019/06/11 12:00 a.m. · 12 views

PT-2019-12716 · Otrs +2 · Otrs +3

Name of the Vulnerable Software and Affected Versions: Open Ticket Request System OTRS versions 7.0.x through 7.0.7 Open Ticket Request System OTRS Community Edition versions 6.0.x through 6.0.19 Open Ticket Request System OTRS Community Edition versions 5.0.x through 5.0.36 Description: An issue...

CVSS 9.8 · AI score 7 · EPSS 0.99019
Exploits 29 · References 165

Positive Technologies
added 2019/06/11 12:00 a.m. · 9 views

PT-2019-12826 · Otrs +2 · Otrs +2

Name of the Vulnerable Software and Affected Versions: Open Ticket Request System OTRS versions 7.0.x through 7.0.8 Open Ticket Request System OTRS Community Edition versions 6.0.x through 6.0.19 Open Ticket Request System OTRS Community Edition versions 5.0.x through 5.0.36 Description: An issue...

CVSS 9.8 · AI score 7.1 · EPSS 0.99019
Exploits 29 · References 162

OSV
added 2018/03/26 2:29 p.m. · 2 views

CVE-2018-5466

Philips IntelliSpace Portal, all versions of 8.0.x and 7.0.x, have a self-signed SSL certificate vulnerability; this could allow an attacker to gain unauthorized access to resources and information...

CVSS 7.5 · AI score 5.8
Exploits 0 · References 3

Prion
added 2018/03/26 2:29 p.m. · 14 views

Code injection

Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code...

CVSS 7.5 · AI score 9.8 · EPSS 0.04656
Exploits 0 · References 3 · Affected Software 1

OpenVAS
added 2017/04/18 12:00 a.m. · 48 views

PHP 7.x < 7.0.18, 7.1.x < 7.1.4 SSRF Security Bypass Vulnerability - Linux

PHP is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

CVSS 7.4 · AI score 7.6 · EPSS 0.03514
Exploits 2 · References 3