Total
380 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-12667 | 1 Invoiceplane | 1 Invoiceplane | 2024-12-19 | 2.6 LOW | 3.7 LOW |
| A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /invoices/view. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.2-beta-1 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product. | |||||
| CVE-2024-25619 | 1 Joinmastodon | 1 Mastodon | 2024-12-18 | N/A | 3.1 LOW |
| Mastodon is a free, open-source social network server based on ActivityPub. When an OAuth Application is destroyed, the streaming server wasn't being informed that the Access Tokens had also been destroyed, this could have posed security risks to users by allowing an application to continue listening to streaming after the application had been destroyed. Essentially this comes down to the fact that when Doorkeeper sets up the relationship between Applications and Access Tokens, it uses a `dependent: delete_all` configuration, which means the `after_commit` callback setup on `AccessTokenExtension` didn't actually fire, since `delete_all` doesn't trigger ActiveRecord callbacks. To mitigate, we need to add a `before_destroy` callback to `ApplicationExtension` which announces to streaming that all the Application's Access Tokens are being "killed". Impact should be negligible given the affected application had to be owned by the user. None the less this issue has been addressed in versions 4.2.6, 4.1.14, 4.0.14, and 3.5.18. Users are advised to upgrade. There are no known workaround for this vulnerability. | |||||
| CVE-2024-25628 | 1 Alf | 1 Alf | 2024-12-18 | N/A | 7.6 HIGH |
| Alf.io is a free and open source event attendance management system. In versions prior to 2.0-M4-2402 users can access the admin area even after being invalidated/deleted. This issue has been addressed in version 2.0-M4-2402. All users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-11668 | 1 Gitlab | 1 Gitlab | 2024-12-12 | N/A | 4.2 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Long-lived connections could potentially bypass authentication controls, allowing unauthorized access to streaming results. | |||||
| CVE-2023-36252 | 1 Ateme | 4 Flamingo Xl, Flamingo Xl Firmware, Flamingo Xs and 1 more | 2024-12-03 | N/A | 8.8 HIGH |
| An issue in Ateme Flamingo XL v.3.6.20 and XS v.3.6.5 allows a remote authenticated attacker to execute arbitrary code and cause a denial of service via a the session expiration function. | |||||
| CVE-2024-35160 | 1 Ibm | 2 Big Sql, Watson Query With Cloud Pak For Data | 2024-11-26 | N/A | 4.3 MEDIUM |
| IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for Data 7.3, 7.4, 7.5, and 7.6 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. | |||||
| CVE-2024-45187 | 2024-11-25 | N/A | 7.1 HIGH | ||
| Guest users in the Mage AI framework that remain logged in after their accounts are deleted, are mistakenly given high privileges and specifically given access to remotely execute arbitrary code through the Mage AI terminal server | |||||
| CVE-2024-5995 | 2024-11-21 | N/A | 8.8 HIGH | ||
| The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The expiration of the session is not properly configured, remaining valid for more than 7 days and can be reused. | |||||
| CVE-2024-4680 | 1 Zenml | 1 Zenml | 2024-11-21 | N/A | 8.8 HIGH |
| A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire after a password change, enabling an attacker to maintain access to a compromised account without the victim's ability to revoke this access. This issue was observed in a self-hosted ZenML deployment via Docker, where after changing the password from one browser, the session remained active and usable in another browser without requiring re-authentication. | |||||
| CVE-2024-45462 | 1 Apache | 1 Cloudstack | 2024-11-21 | N/A | 6.3 MEDIUM |
| The logout operation in the CloudStack web interface does not expire the user session completely which is valid until expiry by time or restart of the backend service. An attacker that has access to a user's browser can use an unexpired session to gain access to resources owned by the logged out user account. This issue affects Apache CloudStack from 4.15.1.0 through 4.18.2.3; and from 4.19.0.0 through 4.19.1.1. Users are recommended to upgrade to Apache CloudStack 4.18.2.4 or 4.19.1.2, or later, which addresses this issue. | |||||
| CVE-2024-41827 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | N/A | 7.4 HIGH |
| In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration | |||||
| CVE-2024-36041 | 1 Kde | 1 Plasma-workspace | 2024-11-21 | N/A | 7.8 HIGH |
| KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the session-restore feature to execute arbitrary code as the victim (on the next boot) via earlier use of the /tmp directory. | |||||
| CVE-2024-35220 | 2024-11-21 | N/A | 7.4 HIGH | ||
| @fastify/session is a session plugin for fastify. Requires the @fastify/cookie plugin. When restoring the cookie from the session store, the `expires` field is overriden if the `maxAge` field was set. This means a cookie is never correctly detected as expired and thus expired sessions are not destroyed. This vulnerability has been patched 10.8.0. | |||||
| CVE-2024-35048 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| An issue in SurveyKing v1.3.1 allows attackers to execute a session replay attack after a user changes their password. | |||||
| CVE-2024-29402 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| cskefu v7 suffers from Insufficient Session Expiration, which allows attackers to exploit the old session for malicious activity. | |||||
| CVE-2024-29401 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| xzs-mysql 3.8 is vulnerable to Insufficient Session Expiration, which allows attackers to use the session of a deleted admin to do anything. | |||||
| CVE-2024-27782 | 1 Fortinet | 1 Fortiaiops | 2024-11-21 | N/A | 8.1 HIGH |
| Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests. | |||||
| CVE-2024-27455 | 2024-11-21 | N/A | 9.1 CRITICAL | ||
| In the Bentley ALIM Web application, certain configuration settings can cause exposure of a user's ALIM session token when the user attempts to download files. This is fixed in Assetwise ALIM Web 23.00.04.04 and Assetwise Information Integrity Server 23.00.02.03. | |||||
| CVE-2024-25718 | 1 Dropbox | 1 Samly | 2024-11-21 | N/A | 9.8 CRITICAL |
| In the Samly package before 1.4.0 for Elixir, Samly.State.Store.get_assertion/3 can return an expired session, which interferes with access control because Samly.AuthHandler uses a cached session and does not replace it, even after expiry. | |||||
| CVE-2024-22403 | 1 Nextcloud | 1 Nextcloud Server | 2024-11-21 | N/A | 3.0 LOW |
| Nextcloud server is a self hosted personal cloud system. In affected versions OAuth codes did not expire. When an attacker would get access to an authorization code they could authenticate at any time using the code. As of version 28.0.0 OAuth codes are invalidated after 10 minutes and will no longer be authenticated. To exploit this vulnerability an attacker would need to intercept an OAuth code from a user session. It is recommended that the Nextcloud Server is upgraded to 28.0.0. There are no known workarounds for this vulnerability. | |||||