Vulnerabilities > Session Fixation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-25 | CVE-2022-27305 | Session Fixation vulnerability in Gibbonedu Gibbon Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation. | 8.8 |
| 2022-05-24 | CVE-2022-1849 | Session Fixation vulnerability in Filegator Session Fixation in GitHub repository filegator/filegator prior to 7.8.0. | 5.4 |
| 2022-04-27 | CVE-2021-38869 | Session Fixation vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceede their idle timeout. | 9.8 |
| 2022-04-14 | CVE-2020-25152 | Session Fixation vulnerability in Bbraun Datamodule Compactplus and Spacecom A session fixation vulnerability in the B. | 8.1 |
| 2022-04-06 | CVE-2022-26591 | Session Fixation vulnerability in Fantec Mwid25-Ds Firmware 2.000.030 FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows unauthenticated attackers to access and download arbitrary files via a crafted GET request. | 7.5 |
| 2022-03-24 | CVE-2022-24781 | Session Fixation vulnerability in Geon Project Geon 1.0.0 Geon is a board game based on solving questions about the Pythagorean Theorem. | 7.1 |
| 2022-03-09 | CVE-2022-24745 | Session Fixation vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 6.5 |
| 2022-02-02 | CVE-2021-39066 | Session Fixation vulnerability in IBM Financial Transaction Manager 3.2.4 IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session identifier gives an attacker the opportunity to steal authenticated sessions. | 8.8 |
| 2022-01-21 | CVE-2022-22551 | Session Fixation vulnerability in Dell EMC Appsync 3.9.0.0/4.2.0.0/4.3.0.0 DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. | 8.8 |
| 2021-12-30 | CVE-2021-20151 | Session Fixation vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. | 10.0 |