Total
61 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-45128 | 1 Gofiber | 1 Fiber | 2024-11-21 | N/A | 10.0 CRITICAL |
| Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can allow an attacker to inject arbitrary values without any authentication, or perform various malicious actions on behalf of an authenticated user, potentially compromising the security and integrity of the application. The vulnerability is caused by improper validation and enforcement of CSRF tokens within the application. This issue has been addressed in version 2.50.0 and users are advised to upgrade. Users should take additional security measures like captchas or Two-Factor Authentication (2FA) and set Session cookies with SameSite=Lax or SameSite=Secure, and the Secure and HttpOnly attributes as defense in depth measures. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-41084 | 1 Socomec | 2 Modulys Gp, Modulys Gp Firmware | 2024-11-21 | N/A | 10.0 CRITICAL |
| Session management within the web application is incorrect and allows attackers to steal session cookies to perform a multitude of actions that the web app allows on the device. | |||||
| CVE-2023-3747 | 1 Cloudflare | 1 Warp | 2024-11-21 | N/A | 5.5 MEDIUM |
| Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access to the device, could extend the maximum allowed disconnected time of WARP client granted by an override code by changing the date & time on the local device where WARP is running. | |||||
| CVE-2023-3050 | 1 Tmtmakine | 2 Lockcell, Lockcell Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass.This issue affects Lockcell: before 15. | |||||
| CVE-2023-32725 | 1 Zabbix | 2 Frontend, Zabbix Server | 2024-11-21 | N/A | 9.6 CRITICAL |
| The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user. | |||||
| CVE-2022-3083 | 1 Landisgyr | 2 E850, E850 Firmware | 2024-11-21 | N/A | 3.9 LOW |
| All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session cookie. The web application could become inaccessible for the user if an attacker changes the cookie values. | |||||
| CVE-2022-38297 | 1 Ucms Project | 1 Ucms | 2024-11-21 | N/A | 9.8 CRITICAL |
| UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning. | |||||
| CVE-2022-36032 | 1 Reactphp | 1 Http | 2024-11-21 | N/A | 5.3 MEDIUM |
| ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like `__Host-` and `__Secure-` confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. This issue is fixed in ReactPHP HTTP version 1.7.0. As a workaround, Infrastructure or DevOps can place a reverse proxy in front of the ReactPHP HTTP server to filter out any unexpected `Cookie` request headers. | |||||
| CVE-2022-35284 | 1 Ibm | 1 Security Verify Information Queue | 2024-11-21 | N/A | 7.5 HIGH |
| IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 230811. | |||||
| CVE-2022-30620 | 1 Cellinx | 2 Cellinx Nvt - Ip Ptz Camera, Cellinx Nvt - Ip Ptz Camera Firmware | 2024-11-21 | N/A | 8.2 HIGH |
| On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "is_admin", "showConfig". Administrative Privileges which allows changing various configuration in the camera. | |||||
| CVE-2022-2615 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 6.5 MEDIUM |
| Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-29248 | 3 Debian, Drupal, Guzzlephp | 3 Debian Linux, Drupal, Guzzle | 2024-11-21 | 5.8 MEDIUM | 8.0 HIGH |
| Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to set cookies for unrelated domains. The cookie middleware is disabled by default, so most library consumers will not be affected by this issue. Only those who manually add the cookie middleware to the handler stack or construct the client with ['cookies' => true] are affected. Moreover, those who do not use the same Guzzle client to call multiple domains and have disabled redirect forwarding are not affected by this vulnerability. Guzzle versions 6.5.6 and 7.4.3 contain a patch for this issue. As a workaround, turn off the cookie middleware. | |||||
| CVE-2022-28113 | 1 Fantec | 2 Mwid25-ds, Mwid25-ds Firmware | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie. | |||||
| CVE-2022-22785 | 1 Zoom | 1 Meetings | 2024-11-21 | 6.4 MEDIUM | 5.9 MEDIUM |
| The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0 failed to properly constrain client session cookies to Zoom domains. This issue could be used in a more sophisticated attack to send an unsuspecting users Zoom-scoped session cookies to a non-Zoom domain. This could potentially allow for spoofing of a Zoom user. | |||||
| CVE-2022-1148 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's access token on an attacker-controlled private GitLab Pages website and reuse that token on the victim's other private websites | |||||
| CVE-2021-41819 | 6 Debian, Fedoraproject, Opensuse and 3 more | 9 Debian Linux, Fedora, Factory and 6 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby. | |||||
| CVE-2021-41263 | 1 Discourse | 1 Rails Multisite | 2024-11-21 | 6.0 MEDIUM | 8.3 HIGH |
| rails_multisite provides multi-db support for Rails applications. In affected versions this vulnerability impacts any Rails applications using `rails_multisite` alongside Rails' signed/encrypted cookies. Depending on how the application makes use of these cookies, it may be possible for an attacker to re-use cookies on different 'sites' within a multi-site Rails application. The issue has been patched in v4 of the `rails_multisite` gem. Note that this upgrade will invalidate all previous signed/encrypted cookies. The impact of this invalidation will vary based on the application architecture. | |||||
| CVE-2021-3818 | 1 Getgrav | 1 Grav | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking | |||||
| CVE-2021-36338 | 1 Dell | 7 Powermax Os, Solutions Enabler, Solutions Enabler Virtual Appliance and 4 more | 2024-11-21 | 5.2 MEDIUM | 6.3 MEDIUM |
| Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. An adjacent malicious user could potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to. CVE-2022-31233 addresses the partial fix in CVE-2021-36338. | |||||
| CVE-2021-33842 | 1 Circutor | 2 Sge-plc1000, Sge-plc1000 Firmware | 2024-11-21 | 7.7 HIGH | 8.8 HIGH |
| Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user. In order to exploit this vulnerability, the attacker must be within the network where the device affected is located. | |||||