session vulnerabilities and exploits
NA
CVE-2013-4781
core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) prior to 2 R0.32.0, and 7 prior to 7 R1.7.0, allows remote malicious users to execute arbitrary commands via unspecified vectors.
Siemens Openscape Session Border Controller 1r4.17.0
Siemens Enterprise Openscape Branch -
Siemens Openscape Session Border Controller 7r.0
7.8
CVSSv3
CVE-2021-33909
fs/seq_file.c in the Linux kernel 3.16 up to and including 5.13.x prior to 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
Linux Linux Kernel
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire -
Netapp Hci Management Node -
Oracle Communications Session Border Controller 8.3
Oracle Communications Session Border Controller 8.4
Oracle Communications Session Border Controller 9.0
Oracle Communications Session Border Controller 8.2
Sonicwall Sma1000 Firmware
9 Github repositories
NA
CVE-2014-1673
Check Point Session Authentication Agent allows remote malicious users to obtain sensitive information (user credentials) via unspecified vectors.
Checkpoint Session Authentication Agent -
6.5
CVSSv3
CVE-2023-20866
In Spring Session version 3.0.0, the session id can be logged to the standard output stream. This vulnerability exposes sensitive information to those who have access to the application logs and can be used for session hijacking. Specifically, an application is vulnerable if it i...
Vmware Spring Session 3.0.0
8.8
CVSSv3
CVE-2020-7780
This affects the package com.softwaremill.akka-http-session:core_2.13 prior to 0.5.11; the package com.softwaremill.akka-http-session:core_2.12 prior to 0.5.11; the package com.softwaremill.akka-http-session:core_2.11 prior to 0.5.11. For older versions, endpoints protected by ra...
Softwaremill Akka-http-session
8.8
CVSSv3
CVE-2020-28452
This affects the package com.softwaremill.akka-http-session:core_2.12 from 0 and prior to 0.6.1; all versions of package com.softwaremill.akka-http-session:core_2.11; the package com.softwaremill.akka-http-session:core_2.13 from 0 and prior to 0.6.1. CSRF protection can be bypass...
Softwaremill Akka-http-session
NA
CVE-2008-5854
Multiple cross-site scripting (XSS) vulnerabilities in login.php in myPHPscripts Login Session 2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) ls_user and (2) ls_email parameters (aka the User form) in an ls_register action. NOTE: some of these...
Myphpscripts Login Session 2.0
1 EDB exploit
NA
CVE-2006-1279
CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by (1) Driver::File, (2) Driver::db_file, and possibly (3) Driver::sqlite.
Sherzod Ruzmetov Cgi Session
NA
CVE-2006-1280
CGI::Session 4.03-1 does not set proper permissions on temporary files created in (1) Driver::File and (2) Driver::db_file, which allows local users to obtain privileged information, such as session keys, by viewing the files.
Sherzod Ruzmetov Cgi Session
NA
CVE-2008-5855
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt.
Myphpscripts Login Session 2.0
1 EDB exploit