Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-18 | CVE-2023-40174 | Insufficient Session Expiration vulnerability in Fobybus Social-Media-Skeleton Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. | 9.8 |
| 2023-08-08 | CVE-2023-37570 | Insufficient Session Expiration vulnerability in Esds.Co Emagic Data Center Management This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. | 8.8 |
| 2023-08-06 | CVE-2023-4190 | Insufficient Session Expiration vulnerability in Admidio Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.2.11. | 6.5 |
| 2023-08-03 | CVE-2023-4126 | Insufficient Session Expiration vulnerability in Answer Insufficient Session Expiration in GitHub repository answerdev/answer prior to v1.1.0. | 8.8 |
| 2023-07-31 | CVE-2023-4005 | Insufficient Session Expiration vulnerability in Fossbilling Insufficient Session Expiration in GitHub repository fossbilling/fossbilling prior to 0.5.5. | 9.8 |
| 2023-07-27 | CVE-2023-38489 | Insufficient Session Expiration vulnerability in Getkirby Kirby Kirby is a content management system. | 7.3 |
| 2023-07-25 | CVE-2023-37919 | Insufficient Session Expiration vulnerability in CAL Cal.Com Cal.com is open-source scheduling software. | 5.4 |
| 2023-07-11 | CVE-2023-28001 | Insufficient Session Expiration vulnerability in Fortinet Fortios An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via reusing the session of a deleted user in the REST API. | 9.8 |
| 2023-06-19 | CVE-2023-35857 | Insufficient Session Expiration vulnerability in Siren Investigate 12.1.7/13.2.0/13.2.1 In Siren Investigate before 13.2.2, session keys remain active even after logging out. | 9.8 |
| 2023-06-16 | CVE-2023-2788 | Insufficient Session Expiration vulnerability in Mattermost Mattermost fails to check if an admin user account active after an oauth2 flow is started, allowing an attacker with admin privileges to retain persistent access to Mattermost by obtaining an oauth2 access token while the attacker's account is deactivated. | 6.5 |