Vulnerabilities > Insufficient Session Expiration

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-05	CVE-2022-21652	Insufficient Session Expiration vulnerability in Shopware Shopware is an open source e-commerce software platform. network low complexity shopware CWE-613	5.5
2022-01-03	CVE-2021-25981	Insufficient Session Expiration vulnerability in Talkyard In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. network low complexity talkyard CWE-613 critical	10.0
2021-12-29	CVE-2021-45885	Insufficient Session Expiration vulnerability in Stormshield Network Security An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). network stormshield CWE-613	4.3
2021-12-29	CVE-2021-35034	Insufficient Session Expiration vulnerability in Zyxel Nbg6604 Firmware An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted. network low complexity zyxel CWE-613	6.4
2021-12-08	CVE-2020-27416	Insufficient Session Expiration vulnerability in Mahadiscom Mahavitaran 7.50 Mahavitaran android application 7.50 and prior are affected by account takeover due to improper OTP validation, allows remote attackers to control a users account. network low complexity mahadiscom CWE-613	7.5
2021-12-02	CVE-2021-43791	Insufficient Session Expiration vulnerability in Zulip Zulip is an open source group chat application that combines real-time chat with threaded conversations. network low complexity zulip CWE-613	5.0
2021-11-30	CVE-2021-36330	Insufficient Session Expiration vulnerability in Dell EMC Streaming Data Platform Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. network low complexity dell CWE-613	7.5
2021-11-30	CVE-2021-42545	Insufficient Session Expiration vulnerability in Business-Dnasolutions Topease An insufficient session expiration vulnerability exists in Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27, which allows a remote attacker to reuse, spoof, or steal other user and admin sessions. network low complexity business-dnasolutions CWE-613	6.4
2021-11-16	CVE-2021-25940	Insufficient Session Expiration vulnerability in Arangodb In ArangoDB, versions v3.7.6 through v3.8.3 are vulnerable to Insufficient Session Expiration. network arangodb CWE-613	6.0
2021-11-16	CVE-2021-25985	Insufficient Session Expiration vulnerability in Darwin Factor In Factor (App Framework & Headless CMS) v1.0.4 to v1.8.30, improperly invalidate a user’s session even after the user logs out of the application. network low complexity darwin CWE-613 critical	9.8