Vulnerabilities > Insufficient Session Expiration
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-22 | CVE-2024-41827 | Insufficient Session Expiration vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration | 9.8 |
2024-02-16 | CVE-2024-25628 | Insufficient Session Expiration vulnerability in ALF 2.0M42304 Alf.io is a free and open source event attendance management system. | 7.6 |
2024-02-14 | CVE-2024-0008 | Insufficient Session Expiration vulnerability in Paloaltonetworks Pan-Os Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access. | 8.8 |
2024-02-11 | CVE-2024-25718 | Insufficient Session Expiration vulnerability in Dropbox Samly In the Samly package before 1.4.0 for Elixir, Samly.State.Store.get_assertion/3 can return an expired session, which interferes with access control because Samly.AuthHandler uses a cached session and does not replace it, even after expiry. | 9.8 |
2023-12-25 | CVE-2023-51772 | Insufficient Session Expiration vulnerability in Oneidentity Password Manager One Identity Password Manager before 5.13.1 allows Kiosk Escape. | 8.8 |
2023-12-18 | CVE-2023-4320 | Insufficient Session Expiration vulnerability in Redhat Satellite An arithmetic overflow flaw was found in Satellite when creating a new personal access token. | 7.5 |
2023-12-14 | CVE-2023-49935 | Insufficient Session Expiration vulnerability in Schedmd Slurm An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. | 8.8 |
2023-11-30 | CVE-2023-46326 | Insufficient Session Expiration vulnerability in Zstack ZStack Cloud version 3.10.38 and before allows unauthenticated API access to the list of active job UUIDs and the session ID for each of these. | 8.8 |
2023-11-01 | CVE-2023-5889 | Insufficient Session Expiration vulnerability in PKP web Application Library Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | 8.2 |
2023-10-31 | CVE-2023-39695 | Insufficient Session Expiration vulnerability in Elenos Etg150 Firmware 3.12 Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to arbitrarily change transmitter configuration and data after logging out. | 5.3 |