Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
FreeScout has Predictable Attachment Token that Allows Unauthenticated Private File Download via Brute Force
Solstice::Session versions through 1440 for Perl generates session ids insecurely
Ado::Sessions versions through 0.935 for Perl generates insecure session ids
Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id
Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver
Multiple Vulnerabilities in IBM Concert Software
HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids
Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions
Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit
Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id
Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely
HTTP::Session2 versions before 1.12 for Perl may generate weak session ids using the rand() function
Apache::SessionX versions through 2.01 for Perl create insecure session id
Bucket Squatting in Vertex AI Experiments leads to RCE and Model Theft.
Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids
Jervis has Deterministic AES IV Derivation from Passphrase
RAGFlow has Predictable Token Generation Leading to Authentication Bypass Vulnerability
Predictable Generation of Password Recovery Token
BIG-IP TMM vulnerability
Weak Session Token used in Automation Runtime SDM
Showing 1 - 20 of 1,000+ results