Weaknesses of type CWE-384
221 resultsCVE-2023-29019HIGHSession fixation in fastify-passportEPSS 0.8%CVE-2024-37829HIGHAn issue in Outline <= v0.76.1 allows attackers to execute a session hijacking attack via user interaction with a crafted magic sign-in linkEPSS 0.7%CVE-2023-6913HIGHSession Hijacking on Imou Life appEPSS 0.7%CVE-2023-28316CRITICALA security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not iEPSS 0.7%CVE-2022-44017HIGHAn issue was discovered in Simmeth Lieferantenmanager before 5.6. Due to errors in session management, an attacker can log back into a victiEPSS 0.7%CVE-2025-63224CRITICALThe Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers cEPSS 0.7%CVE-2021-29368HIGHSession fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297 on November 12, 2019 allows attackers to gaiEPSS 0.7%CVE-2025-63216CRITICALThe Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers EPSS 0.7%CVE-2022-3269MEDIUMSession Fixation in ikus060/rdiffwebEPSS 0.7%CVE-2023-46733MEDIUMSymfony possible session fixation vulnerabilityEPSS 0.7%CVE-2024-38513CRITICALFiber Session Middleware Token Injection VulnerabilityEPSS 0.7%CVE-2022-2997MEDIUMSession Fixation in snipe/snipe-itEPSS 0.7%CVE-2022-1849MEDIUMSession Fixation in filegator/filegatorEPSS 0.7%CVE-2023-2105HIGHSession Fixation in alextselegidis/easyappointmentsEPSS 0.7%CVE-2023-53741MEDIUMScreen SFT DAB 1.9.3 Authentication Bypass via IP Session ManagementEPSS 0.7%CVE-2023-42322CRITICALInsecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain sensitive information.EPSS 0.7%CVE-2022-40226HIGHA vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versionsEPSS 0.6%CVE-2024-10158MEDIUMPHPGurukul Boat Booking System session_start session fixiationEPSS 0.6%CVE-2025-8517MEDIUMgivanz Vvveb session fixiationEPSS 0.6%CVE-2024-23590CRITICALApache Kylin: Session fixation in web interfaceEPSS 0.6%