Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
boruta-server sent sensitive session cookies without the Secure attribute
TwiN gatus OIDC Session Cookie oidc.go setSessionCookie missing secure attribute
HAX CMS Missing Secure Flag on Cookie
HCL iControl was affected by Missing Cookie Attributes vulnerability.
Apache Airflow: JWT cookie missing Secure flag in JWTRefreshMiddleware behind HTTPS-terminating proxy
Apache Shiro: Shiro's native session and rememberMe cookies do not have secure flag set by default
Eaton Intelligent Power Protector (IPP) uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie a...
IBM Maximo Application Suite was vulnerable to because Cookie ltpatoken2_<workspace_name> was not set with secure flag
In JetBrains Datalore before 2026
Use of unsecure cookies for GraphicalData web service and WebClient web app
Kentico Xperience <= 13.0.164 Cookie Security Configuration
IBM Jazz for Service Management is vulnerable to "filter" cookie not sent over SSL
HCL Unica Platform is affected by a Cookie without HTTPOnly Flag Set vulnerability
HCL AION is susceptible to Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability
IBM Jazz for Service Management information disclosure
Insecure Cookie Flags Vulnerability in Digisol DG-GR6821AC Router
CVE-2025-27450
IBM Datacap information disclosure
Cookie without Secure attribute in phpipam/phpipam
Misskey CSRF vulnerability due to insecure configuration of authentication cookie attributes
Showing 1 - 20 of 1,000+ results