Vulnerabilities > Session Fixation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-20 | CVE-2021-29368 | Session Fixation vulnerability in Cuppacms Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297 on November 12, 2019 allows attackers to gain access to arbitrary user sessions. | 8.8 |
| 2023-01-06 | CVE-2014-125048 | Session Fixation vulnerability in Kluks Xingwall A vulnerability, which was classified as critical, has been found in kassi xingwall. | 5.4 |
| 2023-01-05 | CVE-2022-43529 | Session Fixation vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an remote attacker to persist a session after a password reset or similar session clearing event. | 5.4 |
| 2022-12-29 | CVE-2022-36437 | Session Fixation vulnerability in Hazelcast Hazelcast-Jet The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. | 9.1 |
| 2022-12-25 | CVE-2022-44017 | Session Fixation vulnerability in Simmeth Lieferantenmanager An issue was discovered in Simmeth Lieferantenmanager before 5.6. | 7.5 |
| 2022-12-22 | CVE-2020-15679 | Session Fixation vulnerability in Mozilla VPN 1.0.7/1.1.0 An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could craft a custom login URL, convince a VPN user to login via that URL, and obtain authenticated access as that user. | 7.6 |
| 2022-12-13 | CVE-2022-38628 | Session Fixation vulnerability in Niceforyou Linear Emerge E3 Access Control Firmware Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting (XSS) vulnerability which is chained with a local session fixation. | 6.1 |
| 2022-11-21 | CVE-2022-44788 | Session Fixation vulnerability in Maggioli Appalti & Contratti 9.12.2 An issue was discovered in Appalti & Contratti 9.12.2. | 6.5 |
| 2022-11-16 | CVE-2022-44007 | Session Fixation vulnerability in Backclick 5.9.63 An issue was discovered in BACKCLICK Professional 5.9.63. | 8.8 |
| 2022-11-15 | CVE-2022-30769 | Session Fixation vulnerability in Zoneminder Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to the next logged-in user. | 4.6 |