Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure session ids
WebDyne::Session versions through 2.075 for Perl generates the session id insecurely
Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely
FreeScout has Predictable Attachment Token that Allows Unauthenticated Private File Download via Brute Force
Solstice::Session versions through 1440 for Perl generates session ids insecurely
Ado::Sessions versions through 0.935 for Perl generates insecure session ids
Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id
Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver
Multiple Vulnerabilities in IBM Concert Software
HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids
Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions
Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit
Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id
Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely
HTTP::Session2 versions before 1.12 for Perl may generate weak session ids using the rand() function
Apache::SessionX versions through 2.01 for Perl create insecure session id
Bucket Squatting in Vertex AI Experiments leads to RCE and Model Theft.
Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids
Jervis has Deterministic AES IV Derivation from Passphrase
Showing 1 - 20 of 1,000+ results