Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-2493 | 2024-04-23 | N/A | 7.5 HIGH | ||
Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This issue affects Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.1-00. | |||||
CVE-2024-0349 | 1 Engineers Online Portal Project | 1 Engineers Online Portal | 2024-04-11 | 2.6 LOW | 5.3 MEDIUM |
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to sensitive cookie without secure attribute. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-250117 was assigned to this vulnerability. | |||||
CVE-2023-46179 | 1 Ibm | 1 Sterling Secure Proxy | 2024-03-19 | N/A | 4.3 MEDIUM |
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 269683. | |||||
CVE-2023-42016 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-15 | N/A | 4.3 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 265559. | |||||
CVE-2023-5866 | 1 Phpmyfaq | 1 Phpmyfaq | 2023-12-10 | N/A | 5.7 MEDIUM |
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1. | |||||
CVE-2023-4654 | 1 Instantcms | 1 Instantcms | 2023-12-10 | N/A | 3.5 LOW |
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1. | |||||
CVE-2023-3520 | 1 It-novum | 1 Openitcockpit | 2023-12-10 | N/A | 4.6 MEDIUM |
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository it-novum/openitcockpit prior to 4.6.6. |