Vulnerabilities > Insufficient Session Expiration

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2022-01-26 | CVE-2021-29846 | Insufficient Session Expiration vulnerability in IBM Security Guardium Insights 3.0.0 | IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. | network | low | ibm | CWE-613 | 2.7 |
| 2022-01-18 | CVE-2021-37866 | Insufficient Session Expiration vulnerability in Mattermost Boards 0.10.0 | Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse an old session token for authorization. | network | low | mattermost | CWE-613 | 7.5 |
| 2022-01-13 | CVE-2022-22113 | Insufficient Session Expiration vulnerability in Daybydaycrm Daybyday | In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session Expiration. | network | low | daybydaycrm | CWE-613 | 8.8 |
| 2022-01-10 | CVE-2022-22283 | Insufficient Session Expiration vulnerability in Samsung Health 6.16/6.17/6.19.1.0001 | Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App. | local | low | samsung | CWE-613 | 3.3 |
| 2022-01-05 | CVE-2022-21652 | Insufficient Session Expiration vulnerability in Shopware | Shopware is an open source e-commerce software platform. | network | low | shopware | CWE-613 | 8.1 |
| 2022-01-03 | CVE-2021-25981 | Insufficient Session Expiration vulnerability in Talkyard | In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. | network | low | talkyard | CWE-613 | 9.8 (critical) |
| 2021-12-29 | CVE-2021-45885 | Insufficient Session Expiration vulnerability in Stormshield Network Security 4.2.2/4.2.3 | An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). | network | low | stormshield | CWE-613 | 7.5 |
| 2021-12-29 | CVE-2021-35034 | Insufficient Session Expiration vulnerability in Zyxel Nbg6604 Firmware | An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted. | network | low | zyxel | CWE-613 | 9.1 (critical) |
| 2021-12-08 | CVE-2020-27416 | Insufficient Session Expiration vulnerability in Mahadiscom Mahavitaran 7.50 | Mahavitaran android application 7.50 and prior are affected by account takeover due to improper OTP validation, which allows remote attackers to control a user's account. | network | low | mahadiscom | CWE-613 | 9.8 (critical) |
| 2021-11-30 | CVE-2021-42545 | Insufficient Session Expiration vulnerability in Business-Dnasolutions Topease | An insufficient session expiration vulnerability exists in Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions. | network | low | business-dnasolutions | CWE-613 | 9.1 (critical) |