Vulnerabilities > Session Fixation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-17 | CVE-2018-12071 | Session Fixation vulnerability in Codeigniter A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled. | 9.8 |
| 2018-06-13 | CVE-2017-3968 | Session Fixation vulnerability in Mcafee products Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM) before 8.2.7.42.2 and McAfee Network Data Loss Prevention (NDLP) before 9.3.4.1.5 allows remote attackers to disclose sensitive information or manipulate the database via a crafted authentication cookie. | 9.1 |
| 2018-06-13 | CVE-2018-11385 | Session Fixation vulnerability in multiple products An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. | 8.1 |
| 2018-06-04 | CVE-2018-11714 | Session Fixation vulnerability in Tp-Link Tl-Wr840N Firmware and Tl-Wr841N Firmware An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. | 9.8 |
| 2018-05-31 | CVE-2018-11571 | Session Fixation vulnerability in Clippercms 1.3.3 ClipperCMS 1.3.3 allows Session Fixation. | 8.8 |
| 2018-05-30 | CVE-2018-11567 | Session Fixation vulnerability in Amazon products Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. | 3.3 |
| 2018-05-29 | CVE-2018-1375 | Session Fixation vulnerability in IBM Security Guardium BIG Data Intelligence 3.1 IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. | 7.5 |
| 2018-05-25 | CVE-2018-11475 | Session Fixation vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. | 8.0 |
| 2018-05-25 | CVE-2018-11474 | Session Fixation vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. | 8.0 |
| 2018-05-18 | CVE-2018-1148 | Session Fixation vulnerability in Tenable Nessus In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. | 6.5 |