An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros.
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without hav...
The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel License Manager” that allows incoming connections from private networks using TCP Port 194...
Under certain circumstances the session token is not cleared on logout.
An issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to client side cookies not being deleted and the session remains valid on the server side for reuse.
An issue was discovered in the zeroize_derive crate before 1.1.1 for Rust. Dropped memory is not zeroed out for an enum.
Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didn't cleanup the database session completely after client authentication failed, which allowed an attacker to execute ...