Export limit exceeded: 359426 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (584 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-23824 | 3 Amd, Fedoraproject, Xen | 336 A10-9600p, A10-9600p Firmware, A10-9630p and 333 more | 2025-02-13 | 5.5 Medium |
| IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. | ||||
| CVE-2019-10158 | 2 Infinispan, Redhat | 2 Infinispan, Jboss Data Grid | 2025-02-13 | 9.8 Critical |
| A flaw was found in Infinispan through version 9.4.14.Final. An improper implementation of the session fixation protection in the Spring Session integration can result in incorrect session handling. | ||||
| CVE-2023-26260 | 1 Oxidforge | 1 Oxid Eshop | 2025-02-11 | 5.4 Medium |
| OXID eShop 6.2.x before 6.4.4 and 6.5.x before 6.5.2 allows session hijacking, leading to partial access of a customer's account by an attacker, due to an improper check of the user agent. | ||||
| CVE-2023-2105 | 1 Easyappointments | 1 Easyappointments | 2025-02-06 | 8.8 High |
| Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | ||||
| CVE-2023-29019 | 1 Fastify | 1 Passport | 2025-02-04 | 8.1 High |
| @fastify/passport is a port of passport authentication library for the Fastify ecosystem. Applications using `@fastify/passport` in affected versions for user authentication, in combination with `@fastify/session` as the underlying session management mechanism, are vulnerable to session fixation attacks from network and same-site attackers. fastify applications rely on the `@fastify/passport` library for user authentication. The login and user validation are performed by the `authenticate` function. When executing this function, the `sessionId` is preserved between the pre-login and the authenticated session. Network and same-site attackers can hijack the victim's session by tossing a valid `sessionId` cookie in the victim's browser and waiting for the victim to log in on the website. As a solution, newer versions of `@fastify/passport` regenerate `sessionId` upon login, preventing the attacker-controlled pre-session cookie from being upgraded to an authenticated session. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-29020 | 1 Fastify | 1 Passport | 2025-02-04 | 6.5 Medium |
| @fastify/passport is a port of passport authentication library for the Fastify ecosystem. The CSRF (Cross-Site Request Forger) protection enforced by the `@fastify/csrf-protection` library, when combined with `@fastify/passport` in affected versions, can be bypassed by network and same-site attackers. `fastify/csrf-protection` implements the synchronizer token pattern (using plugins `@fastify/session` and `@fastify/secure-session`) by storing a random value used for CSRF token generation in the `_csrf` attribute of a user's session. The `@fastify/passport` library does not clear the session object upon authentication, preserving the `_csrf` attribute between pre-login and authenticated sessions. Consequently, CSRF tokens generated before authentication are still valid. Network and same-site attackers can thus obtain a CSRF token for their pre-session, fixate that pre-session in the victim's browser via cookie tossing, and then perform a CSRF attack after the victim authenticates. As a solution, newer versions of `@fastify/passport` include the configuration options: `clearSessionOnLogin (default: true)` and `clearSessionIgnoreFields (default: ['passport', 'session'])` to clear all the session attributes by default, preserving those explicitly defined in `clearSessionIgnoreFields`. | ||||
| CVE-2024-0157 | 1 Dell | 2 Storage Monitoring And Reporting, Storage Resource Manager | 2025-02-04 | 5.9 Medium |
| Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in SRM Windows Host Agent. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to the hijack of a targeted user's application session. | ||||
| CVE-2023-1265 | 1 Gitlab | 1 Gitlab | 2025-01-29 | 5.4 Medium |
| An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. The condition allows for a privileged attacker, under certain conditions, to obtain session tokens from all users of a GitLab instance. | ||||
| CVE-2023-28316 | 1 Rocket.chat | 1 Rocket.chat | 2025-01-28 | 9.8 Critical |
| A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled. | ||||
| CVE-2023-30056 | 1 Fico | 1 Origination Manager Decision | 2025-01-28 | 7.5 High |
| A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie. | ||||
| CVE-2023-31498 | 1 Phpgurukul | 1 Hospital Management System | 2025-01-27 | 9.8 Critical |
| A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter. | ||||
| CVE-2023-32997 | 1 Jenkins | 1 Cas | 2025-01-23 | 8.8 High |
| Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login. | ||||
| CVE-2023-0897 | 1 Sielco | 6 Polyeco1000, Polyeco1000 Firmware, Polyeco300 and 3 more | 2025-01-16 | 8.8 High |
| Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being vulnerable to a brute force attack, lack of SSL, and the session being visible in requests. | ||||
| CVE-2024-50339 | 1 Glpi-project | 1 Glpi | 2025-01-10 | 5.3 Medium |
| GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.17, an unauthenticated user can retrieve all the sessions IDs and use them to steal any valid session. Version 10.0.17 contains a patch for this issue. | ||||
| CVE-2024-30262 | 1 Contao | 1 Contao | 2025-01-09 | 5.9 Medium |
| Contao is an open source content management system. Prior to version 4.13.40, when a frontend member changes their password in the personal data or the password lost module, the corresponding remember-me tokens are not removed. If someone compromises an account and is able to get a remember-me token, changing the password would not be enough to reclaim control over the account. Version 4.13.40 contains a fix for the issue. As a workaround, disable "Allow auto login" in the login module. | ||||
| CVE-2024-25964 | 1 Dell | 1 Powerscale Onefs | 2025-01-09 | 5.3 Medium |
| Dell PowerScale OneFS 9.5.0.x through 9.7.0.x contain a covert timing channel vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2024-28197 | 1 Zitadel | 1 Zitadel | 2025-01-07 | 7.5 High |
| Zitadel is an open source identity management system. Zitadel uses a cookie to identify the user agent (browser) and its user sessions. Although the cookie was handled according to best practices, it was accessible on subdomains of the ZITADEL instance. An attacker could take advantage of this and provide a malicious link hosted on the subdomain to the user to gain access to the victim’s account in certain scenarios. A possible victim would need to login through the malicious link for this exploit to work. If the possible victim already had the cookie present, the attack would not succeed. The attack would further only be possible if there was an initial vulnerability on the subdomain. This could either be the attacker being able to control DNS or a XSS vulnerability in an application hosted on a subdomain. Versions 2.46.0, 2.45.1, and 2.44.3 have been patched. Zitadel recommends upgrading to the latest versions available in due course. Note that applying the patch will invalidate the current cookie and thus users will need to start a new session and existing sessions (user selection) will be empty. For self-hosted environments unable to upgrade to a patched version, prevent setting the following cookie name on subdomains of your Zitadel instance (e.g. within your WAF): `__Secure-zitadel-useragent`. | ||||
| CVE-2023-3192 | 1 Froxlor | 1 Froxlor | 2025-01-06 | 5.4 Medium |
| Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0. | ||||
| CVE-2023-28809 | 1 Hikvision | 52 Ds-k1t320efwx, Ds-k1t320efwx Firmware, Ds-k1t320efx and 49 more | 2024-12-18 | 7.5 High |
| Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user. | ||||
| CVE-2023-34156 | 1 Huawei | 1 Emui | 2024-12-17 | 5.3 Medium |
| Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful exploitation of this vulnerability may cause services to be denied. | ||||