CWE-565

Reliance on Cookies without Validation and Integrity Checking

Parent: CWE-642 - External Control of Critical State Data

The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.

72 vulnerabilities with CWE-565
CVE-2023-3747 (MEDIUM, CVSS 5.5): Zero Trust - Info Disclosure
CVE-2023-32612 (HIGH, CVSS 7.2): WL-WN531AX2 <2023526 - Command Injection
CVE-2023-35885 (CRITICAL, CVSS 9.8): CloudPanel 2 <2.3.1 - Auth Bypass
CVE-2023-3050 (CRITICAL, CVSS 9.8): TMT Lockcell <15 - Auth Bypass
CVE-2022-50926 (CRITICAL, CVSS 9.8): WAGO 750-8212 PFC200 G2 2ETH RS - Privilege Escalation
CVE-2022-3083 (LOW, CVSS 3.9): Landis+Gyr E850 (ZMQ200) - Info Disclosure
CVE-2022-38297 (CRITICAL, CVSS 9.8): UCMS v1.6.0 - Auth Bypass
CVE-2022-36032 (MEDIUM, CVSS 5.3): ReactPHP HTTP <1.7.0 - XSS
CVE-2022-2615 (MEDIUM, CVSS 6.5): Google Chrome <104.0.5112.79 - CSRF
CVE-2022-35284 (HIGH, CVSS 7.5): IBM Security Verify Information Queue 10.0.2 - Info Disclosure
CVE-2022-30620 (HIGH, CVSS 8.2): Cellinx Camera - Privilege Escalation
CVE-2022-29248 (HIGH, CVSS 8.0): Guzzle <6.5.6 and <7.4.3 - XSS
CVE-2022-22785 (MEDIUM, CVSS 5.9): Zoom Client <5.10.0 - CSRF
CVE-2022-28113 (HIGH, CVSS 7.2): FANTEC GmbH MWiD25-DS Firmware <2.000.030 - RCE
CVE-2022-1148 (MEDIUM, CVSS 5.3): GitLab CE/EE <14.7.7-14.9.2 - Info Disclosure
CVE-2021-47706 (HIGH): COMMAX Biometric Access Control System 1.0.0 - Auth Bypass
CVE-2021-20450 (MEDIUM, CVSS 4.3): IBM Cognos Controller <11.0.0 - Open Redirect
CVE-2021-36338 (MEDIUM, CVSS 6.3): Unisphere for PowerMax <9.2.2.2 - Privilege Escalation
CVE-2021-41819 (HIGH, CVSS 7.5): Ruby <2.6.8 - Info Disclosure
CVE-2021-41263 (HIGH, CVSS 8.3): rails_multisite <4 - Info Disclosure
CVE-2021-3818 (MEDIUM, CVSS 5.3): grav - CSRF
CVE-2021-33842 (HIGH, CVSS 8.8): Circutor SGE-PLC1000 <0.9.2b - Auth Bypass
CVE-2021-29624 (MEDIUM, CVSS 6.5): Fastify-csrf < 3.1.0 - CSRF
CVE-2021-28171 (CRITICAL, CVSS 9.8): Vangene deltaFlow E-platform - Privilege Escalation
CVE-2020-29668 (LOW, CVSS 3.7): Sympa <6.2.59b.2 - Info Disclosure