Vulnerabilities > Insufficient Session Expiration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-26 | CVE-2023-32318 | Insufficient Session Expiration vulnerability in Nextcloud Server Nextcloud server provides a home for data. | 6.7 |
| 2023-05-22 | CVE-2023-31065 | Insufficient Session Expiration vulnerability in Apache Inlong 1.4.0/1.5.0/1.6.0 Insufficient Session Expiration vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. An old session can be used by an attacker even after the user has been deleted or the password has been changed. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 , https://github.com/apache/inlong/pull/7884 https://github.com/apache/inlong/pull/7884 to solve it. | 9.1 |
| 2023-05-16 | CVE-2023-33005 | Insufficient Session Expiration vulnerability in Jenkins Wso2 Oauth 1.0 Jenkins WSO2 Oauth Plugin 1.0 and earlier does not invalidate the previous session on login. | 5.4 |
| 2023-05-09 | CVE-2023-31139 | Insufficient Session Expiration vulnerability in Dhis2 Dhis 2 DHIS2 Core contains the service layer and Web API for DHIS2, an information system for data capture. | 7.5 |
| 2023-05-08 | CVE-2023-31140 | Insufficient Session Expiration vulnerability in Openproject OpenProject is open source project management software. | 6.5 |
| 2023-05-05 | CVE-2020-4914 | Insufficient Session Expiration vulnerability in IBM Cloud PAK System IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. | 5.5 |
| 2023-05-05 | CVE-2022-38707 | Insufficient Session Expiration vulnerability in IBM Cognos Command Center 10.2.4.1 IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. | 5.5 |
| 2023-05-02 | CVE-2023-30403 | Insufficient Session Expiration vulnerability in Aigital Wireless-N Repeater Mini Router Firmware 0.131229 An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to bypass login by connecting to the web app after a successful attempt by a legitimate user. | 7.5 |
| 2023-04-18 | CVE-2023-28003 | Insufficient Session Expiration vulnerability in Schneider-Electric Ecostruxure Power Monitoring Expert A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an attacker to maintain unauthorized access over a hijacked session in PME after the legitimate user has signed out of their account. | 8.8 |
| 2023-04-16 | CVE-2022-37186 | Insufficient Session Expiration vulnerability in Lemonldap-Ng Lemonldap::Ng In LemonLDAP::NG before 2.0.15. | 5.9 |