Vulnerabilities (CVE)

Filtered by CWE-534
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11398 1 Trendmicro 1 Smart Protection Server 2024-11-21 6.8 MEDIUM 8.8 HIGH
A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a vulnerable system.
CVE-2015-6941 1 Saltstack 1 Salt 2015 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs.