CWE-565
Reliance on Cookies without Validation and Integrity Checking
The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.
72 vulnerabilities with CWE-565
CVE-2020-26955
MEDIUM
Firefox <83 - Info Disclosure
CVSS 6.5
CVE-2020-4749
MEDIUM
IBM Spectrum Scale <5.0.5.2 - Open Redirect
CVSS 4.3
CVE-2020-7070
MEDIUM
Php < 7.2.34 - Improper Input Validation
CVSS 4.3
CVE-2020-15128
MEDIUM
OctoberCMS <1.0.468 - Info Disclosure
CVSS 6.1
CVE-2019-4688
MEDIUM
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 - Open Redirect
CVSS 4.3
CVE-2019-4638
LOW
IBM Security Secret Server 10.7 - Info Disclosure
CVSS 3.7
CVE-2019-4330
MEDIUM
IBM Security Guardium Big Data Intelligence - Info Disclosure
CVSS 4.3
CVE-2019-17104
HIGH
Centreon VM <19.04.3 - Info Disclosure
CVSS 7.5
CVE-2019-4305
MEDIUM
IBM WebSphere Application Server Liberty - Info Disclosure
CVSS 5.3
CVE-2019-7266
CRITICAL
Linear eMerge 50P/5000P - Auth Bypass
CVSS 9.8
CVE-2018-20512
CRITICAL
EPON CPE-WiFi <2.0.4-X000 - Privilege Escalation
CVSS 9.8
CVE-2018-19224
HIGH
LAOBANCMS 2.0 - CSRF
CVSS 7.5
CVE-2018-5190
CRITICAL
PicturesPro Photo Cart <7 - Info Disclosure
CVSS 9.8
CVE-2018-5455
CRITICAL
Moxa OnCell G3100-HSPA <1.4 - Auth Bypass
CVSS 9.8
CVE-2017-8034
MEDIUM
Cloud Foundry <1.32.0-0.159.0-267 - Privilege Escalation
CVSS 6.6
CVE-2017-7279
CRITICAL
Unitrends Enterprise Backup <9.0.0 - Privilege Escalation
CVSS 9.8
CVE-2017-6896
HIGH
DIGISOL DG-HR1400 1.00.02 - Privilege Escalation
CVSS 8.8
CVE-2016-15002
HIGH
MONyog Ultimate 6.63 - Privilege Escalation
CVSS 7.3
CVE-2014-125112
CRITICAL
Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution
CVSS 9.8
CVE-2012-5631
HIGH
ipa <3.0 - Info Disclosure
CVSS 8.8
CVE-2011-3887
Google Chrome <15.0.874.102 - XSS
CVE-2008-5784
CRITICAL
V3 Chat - Profiles/Dating Script 3.0.2 - Auth Bypass
CVSS 9.8
Details
Vulnerabilities
72