CWE-384 vulnerabilities

221 results
CVE-2021-41268 (MEDIUM, EPSS 1.3%): Cookie persistence in Symfony
CVE-2019-6584 (EPSS 1.3%): A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS
CVE-2022-31888 (HIGH, EPSS 1.2%): Session Fixation vulnerability in function login in class.auth.php in osTicket through 1.16.2.
CVE-2023-24456 (CRITICAL, EPSS 1.2%): Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login.
CVE-2020-25152 (MEDIUM, EPSS 1.2%): B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus
CVE-2023-24424 (HIGH, EPSS 1.2%): Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.
CVE-2023-45687 (HIGH, EPSS 1.2%): Authentication bypass via session fixation in Titan MFT and Titan SFTP servers
CVE-2020-1762 (HIGH, EPSS 1.1%): An insufficient JWT validation vulnerability was found in Kiali versions 0.4.0 to 1.15.0 and was fixed in Kiali version 1.15.1, wherein a re
CVE-2018-17902 (EPSS 1.1%): Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The application utilizes multiple methods of sess
CVE-2020-25198 (HIGH, EPSS 1.1%): MOXA NPort IAW5000A-I/O Series
CVE-2019-0062 (HIGH, EPSS 1.1%): Junos OS: Session fixation vulnerability in J-Web
CVE-2019-3784 (HIGH, EPSS 1.1%): Cloud Foundry Stratos contains a Session Collision Vulnerability
CVE-2023-24427 (CRITICAL, EPSS 1.1%): Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.
CVE-2022-36437 (CRITICAL, EPSS 1.0%): The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster
CVE-2018-13282 (MEDIUM, EPSS 1.0%): Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7-3481 allows remote attackers to hijack web s
CVE-2023-30056 (HIGH, EPSS 1.0%): A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID c
CVE-2021-32676 (MEDIUM, EPSS 1.0%): Session Fixation in Nextcloud Talk
CVE-2022-3916 (MEDIUM, EPSS 1.0%): Keycloak: session takeover with oidc offline refreshtokens
CVE-2010-1434 (EPSS 0.9%): Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hijack an arbitrary session and gain acces
CVE-2019-3783 (HIGH, EPSS 0.9%): Cloud Foundry Stratos Deploys With Public Default Session Store Secret