Total
26 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-3251 | 1 Ikus-soft | 1 Minarca | 2022-09-23 | 5.3 Medium |
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca prior to 4.2.2. | ||||
CVE-2022-3174 | 1 Ikus-soft | 1 Rdiffweb | 2022-09-15 | 7.5 High |
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2. | ||||
CVE-2015-3207 | 1 Openshift | 1 Origin | 2022-07-14 | 5.3 Medium |
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes. | ||||
CVE-2020-29024 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2021-02-26 | 5.3 Medium |
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance of Secomea GateManager could allow an attacker to gain access to sensitive cookies. This issue affects: Secomea GateManager all versions prior to 9.3. | ||||
CVE-2020-27651 | 1 Synology | 1 Router Manager | 2020-11-06 | 8.1 High |
Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | ||||
CVE-2020-27650 | 1 Synology | 3 Diskstation Manager, Skynas, Skynas Firmware | 2020-11-05 | 3.7 Low |
Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. |