• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-384

CVE-2022-24444

February 23, 2023 by godfreyd94

Silverstripe silverstripe/framework through 4.10 allows Session Fixation.

CVE-2022-22922

February 23, 2023 by

TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges.

CVE-2022-22681

February 23, 2023 by

Session fixation vulnerability in access control management in Synology Photo Station before 6.8.16-3506 allows remote attackers to bypass security constraint via unspecified vectors.

CVE-2022-22551

February 23, 2023 by

DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially exploit this vulnerability, and hijack the victim session.

CVE-2022-1849

February 23, 2023 by

Session Fixation in GitHub repository filegator/filegator prior to 7.8.0.

CVE-2023-24424

February 22, 2023 by godfreyd94

Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 28
  • Go to page 29
  • Go to page 30
  • Go to page 31
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE