• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-613

CVE-2022-22318

February 23, 2023 by

IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

CVE-2022-22113

February 23, 2023 by

In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session Expiration. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have access to the application even after the password was changed.

CVE-2022-21652

February 23, 2023 by

Shopware is an open source e-commerce software platform. In affected versions shopware would not invalidate a user session in the event of a password change. With version 5.7.7 the session validation was adjusted, so that sessions created prior to the latest password change of a customer account can’t be used to login with said account. This also means, that upon a password change, all existing sessions for a given customer account are automatically considered invalid. There is no workaround for this issue.

CVE-2022-2064

February 23, 2023 by

Insufficient Session Expiration in GitHub repository nocodb/nocodb prior to 0.91.7+.

CVE-2022-0991

February 23, 2023 by

Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.1.9.

CVE-2022-0996

February 23, 2023 by

A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 29
  • Go to page 30
  • Go to page 31
  • Go to page 32
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE