Total
47 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-39734 | 1 Ibm | 1 Datacap | 2024-09-18 | N/A | 4.3 MEDIUM |
| IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 296001. | |||||
| CVE-2023-41084 | 1 Socomec | 2 Modulys Gp, Modulys Gp Firmware | 2024-08-02 | N/A | 9.8 CRITICAL |
| Session management within the web application is incorrect and allows attackers to steal session cookies to perform a multitude of actions that the web app allows on the device. | |||||
| CVE-2024-0947 | 2024-06-27 | N/A | 9.8 CRITICAL | ||
| Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens.This issue affects Elektraweb: before v17.0.68. | |||||
| CVE-2024-22186 | 2024-05-28 | N/A | 8.8 HIGH | ||
| The application suffers from a privilege escalation vulnerability. An attacker logged in as guest can escalate his privileges by poisoning the cookie to become administrator. | |||||
| CVE-2024-21872 | 2024-05-28 | N/A | 7.5 HIGH | ||
| The device allows an unauthenticated attacker to bypass authentication and modify the cookie to reveal hidden pages that allows more critical operations to the transmitter. | |||||
| CVE-2024-28233 | 2024-03-28 | N/A | 8.1 HIGH | ||
| JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. More precisely, in the context of JupyterHub, this XSS could achieve full access to JupyterHub API and user's single-user server. The affected configurations are single-origin JupyterHub deployments and JupyterHub deployments with user-controlled applications running on subdomains or peer subdomains of either the Hub or a single-user server. This vulnerability is fixed in 4.1.0. | |||||
| CVE-2023-32725 | 1 Zabbix | 2 Frontend, Zabbix Server | 2024-02-28 | N/A | 8.8 HIGH |
| The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user. | |||||
| CVE-2023-45128 | 1 Gofiber | 1 Fiber | 2024-02-28 | N/A | 8.8 HIGH |
| Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can allow an attacker to inject arbitrary values without any authentication, or perform various malicious actions on behalf of an authenticated user, potentially compromising the security and integrity of the application. The vulnerability is caused by improper validation and enforcement of CSRF tokens within the application. This issue has been addressed in version 2.50.0 and users are advised to upgrade. Users should take additional security measures like captchas or Two-Factor Authentication (2FA) and set Session cookies with SameSite=Lax or SameSite=Secure, and the Secure and HttpOnly attributes as defense in depth measures. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-3747 | 1 Cloudflare | 1 Warp | 2024-02-28 | N/A | 5.5 MEDIUM |
| Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access to the device, could extend the maximum allowed disconnected time of WARP client granted by an override code by changing the date & time on the local device where WARP is running. | |||||
| CVE-2023-45141 | 1 Gofiber | 1 Fiber | 2024-02-28 | N/A | 8.8 HIGH |
| Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to obtain tokens and forge malicious requests on behalf of a user. This can lead to unauthorized actions being taken on the user's behalf, potentially compromising the security and integrity of the application. The vulnerability is caused by improper validation and enforcement of CSRF tokens within the application. This vulnerability has been addressed in version 2.50.0 and users are advised to upgrade. Users should take additional security measures like captchas or Two-Factor Authentication (2FA) and set Session cookies with SameSite=Lax or SameSite=Secure, and the Secure and HttpOnly attributes. | |||||
| CVE-2023-3050 | 1 Tmtmakine | 2 Lockcell, Lockcell Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass.This issue affects Lockcell: before 15. | |||||
| CVE-2023-35885 | 1 Mgt-commerce | 1 Cloudpanel | 2024-02-28 | N/A | 9.8 CRITICAL |
| CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. | |||||
| CVE-2022-3083 | 1 Landisgyr | 2 E850, E850 Firmware | 2024-02-28 | N/A | 5.4 MEDIUM |
| All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session cookie. The web application could become inaccessible for the user if an attacker changes the cookie values. | |||||
| CVE-2022-30620 | 1 Cellinx | 2 Cellinx Nvt - Ip Ptz Camera, Cellinx Nvt - Ip Ptz Camera Firmware | 2024-02-28 | N/A | 8.8 HIGH |
| On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "is_admin", "showConfig". Administrative Privileges which allows changing various configuration in the camera. | |||||
| CVE-2022-35284 | 1 Ibm | 1 Security Verify Information Queue | 2024-02-28 | N/A | 7.5 HIGH |
| IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 230811. | |||||
| CVE-2022-38297 | 1 Ucms Project | 1 Ucms | 2024-02-28 | N/A | 9.8 CRITICAL |
| UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning. | |||||
| CVE-2022-36032 | 1 Reactphp | 1 Http | 2024-02-28 | N/A | 5.3 MEDIUM |
| ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like `__Host-` and `__Secure-` confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. This issue is fixed in ReactPHP HTTP version 1.7.0. As a workaround, Infrastructure or DevOps can place a reverse proxy in front of the ReactPHP HTTP server to filter out any unexpected `Cookie` request headers. | |||||
| CVE-2022-2615 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-28 | N/A | 6.5 MEDIUM |
| Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-22785 | 1 Zoom | 1 Meetings | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
| The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0 failed to properly constrain client session cookies to Zoom domains. This issue could be used in a more sophisticated attack to send an unsuspecting users Zoom-scoped session cookies to a non-Zoom domain. This could potentially allow for spoofing of a Zoom user. | |||||
| CVE-2022-1148 | 1 Gitlab | 1 Gitlab | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's access token on an attacker-controlled private GitLab Pages website and reuse that token on the victim's other private websites | |||||