Vulnerabilities > Session Fixation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-08 | CVE-2020-8826 | Session Fixation vulnerability in Argoproj Argo CD As of v1.5.0, the Argo web interface authentication system issued immutable tokens. | 7.5 |
| 2020-04-08 | CVE-2020-4291 | Session Fixation vulnerability in IBM Security Information Queue IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could disclose sensitive information to an unauthorized user due to insufficient timeout functionality in the Web UI. | 4.3 |
| 2020-04-08 | CVE-2020-5550 | Session Fixation vulnerability in Plathome products Session fixation vulnerability in EasyBlocks IPv6 Ver. | 8.1 |
| 2020-04-01 | CVE-2020-5290 | Session Fixation vulnerability in Ctfd Rctf In RedpwnCTF before version 2.3, there is a session fixation vulnerability in exploitable through the `#token=$ssid` hash when making a request to the `/verify` endpoint. | 6.5 |
| 2020-03-16 | CVE-2019-19610 | Session Fixation vulnerability in Halvotec Raquest 10.23.10801.0 An issue was discovered in Halvotec RaQuest 10.23.10801.0. | 5.4 |
| 2020-03-16 | CVE-2019-4617 | Session Fixation vulnerability in IBM Cloud Automation Manager 3.2.1.0 IBM Cloud Automation Manager 3.2.1.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. | 4.4 |
| 2020-03-16 | CVE-2020-5543 | Session Fixation vulnerability in Mitsubishielectric Iu1-1M20-D Firmware 1.0.7 TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier does not properly manage sessions, which allows remote attackers to stop the network functions or execute malware via a specially crafted packet. | 9.8 |
| 2020-03-05 | CVE-2020-9370 | Session Fixation vulnerability in Humaxdigital Hga12R-02 Firmware 1.1.53 HUMAX HGA12R-02 BRGCAA 1.1.53 devices allow Session Hijacking. | 9.1 |
| 2020-02-20 | CVE-2020-8990 | Session Fixation vulnerability in Western Digital IBI and MY Cloud Home Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation. | 9.1 |
| 2020-02-06 | CVE-2014-10400 | Session Fixation vulnerability in Keplerproject Cgilua The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions. | 6.1 |