Vulnerabilities > Insufficient Session Expiration

DATE CVE VULNERABILITY TITLE RISK
2023-01-26 CVE-2023-23614 Pi-hole®'s Web interface (based off of AdminLTE) provides a central location to manage your Pi-hole.
network
low complexity
CWE-613
8.8
2023-01-26 CVE-2023-24426 Insufficient Session Expiration vulnerability in Jenkins Azure AD
Jenkins Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the previous session on login.
network
low complexity
jenkins CWE-613
8.8
2023-01-17 CVE-2023-22732 Insufficient Session Expiration vulnerability in Shopware
Shopware is an open source commerce platform based on Symfony Framework and Vue js.
network
low complexity
shopware CWE-613
critical
9.8
2023-01-12 CVE-2023-0227 Insufficient Session Expiration vulnerability in Pyload
Insufficient Session Expiration in GitHub repository pyload/pyload prior to 0.5.0b3.dev36.
network
low complexity
pyload CWE-613
6.5
2023-01-11 CVE-2023-22492 Insufficient Session Expiration vulnerability in Zitadel
ZITADEL is a combination of Auth0 and Keycloak.
network
high complexity
zitadel CWE-613
5.9
2023-01-05 CVE-2022-46177 Insufficient Session Expiration vulnerability in Discourse
Discourse is an option source discussion platform.
network
low complexity
discourse CWE-613
8.1
2023-01-05 CVE-2022-43844 Insufficient Session Expiration vulnerability in IBM Robotic Process Automation for Cloud PAK
IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access control.
network
low complexity
ibm CWE-613
8.8
2023-01-05 CVE-2022-22371 Insufficient Session Expiration vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm CWE-613
6.5
2022-12-14 CVE-2022-47406 An issue was discovered in the fe_change_pwd (aka Change password for frontend users) extension before 2.0.5, and 3.x before 3.0.3, for TYPO3.
network
low complexity
CWE-613
critical
9.8
2022-12-14 CVE-2022-23502 TYPO3 is an open source PHP based web content management system.
network
low complexity
CWE-613
5.4