Vulmon
session vulnerabilities and exploits
8.8
CVSSv3
CVE-2023-36618
Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of OS commands as root user by low-privileged authenticated users.
Unify Session Border Controller 10 R3.01.03
9.8
CVSSv3
CVE-2023-36619
Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users.
Unify Session Border Controller 10 R3.01.03
9.1
CVSSv3
CVE-2021-31381
A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote malicious user to send a specially crafted query to cause the web server to delete files which may allow the malicious user to disrupt the integrity and avai...
Juniper Session And Resource Control
5.3
CVSSv3
CVE-2021-31380
A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote malicious user to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the malicious us...
Juniper Session And Resource Control
5.3
CVSSv3
CVE-2021-31352
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote malicious user to obtain sensitive information. A remote attacker with read and write access to network...
Juniper Session And Resource Control
2.6
CVSSv3
CVE-2020-25374
CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows malicious users to discover internal pathnames by reading an error popup message after two hours of idle time.
Cyberark Privileged Session Manager 10.9.0.15
5.3
CVSSv3
CVE-2019-25025
The activerecord-session_store (aka Active Record Session Store) component up to and including 1.1.3 for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequently, remote attackers can leverage timing...
Rubyonrails Active Record Session Store
2 Github repositories
8.8
CVSSv3
CVE-2018-1000857
log-user-session version 0.7 and previous versions contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appears to be exploitable via Malicious unprivileged user executes ...
Open-systems Log-user-session
4.7
CVSSv3
CVE-2020-14574
Vulnerability in the Oracle Communications Interactive Session Recorder product of Oracle Communications Applications (component: FACE). Supported versions that are affected are 6.1-6.4. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastr...
Oracle Communications Interactive Session Recorder
4.3
CVSSv3
CVE-2023-22083
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications (component: Web UI). Supported versions that are affected are 9.0-9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Or...
Oracle Enterprise Session Border Controller