Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

CWE-384 (会话固定) — Vulnerability Class 145

145 vulnerabilities classified as CWE-384 (会话固定). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPaused
CVE-2024-24552 Bludit is Vulnerable to Session Fixation — Bludit 8.8AIHighAI2024-06-24
CVE-2024-25977 Session Fixation — HAWKI 8.3AIHighAI2024-05-29
CVE-2023-38002 IBM Storage Scale session fixation — Storage Scale 5.0 Medium2024-04-30
CVE-2024-2260 Session Fixation Vulnerability in zenml-io/zenml — zenml-io/zenml 8.8 -2024-04-16
CVE-2024-31221 Clients removed during unpairing process may regain access if Sunshine was not restarted — Sunshine 5.9 Medium2024-04-08
CVE-2024-2639 Bdtask Wholesale Inventory Management System session fixiation — Wholesale Inventory Management System 4.3 Medium2024-03-19
CVE-2024-22250 Session Hijack Vulnerability in Deprecated EAP Browser Plugin — VMware Enhanced Authentication Plug-in (EAP) 7.8 High2024-02-20
CVE-2023-47798 Liferay Portal和Liferay DXP 安全漏洞 — Portal 5.4 Medium2024-02-08
CVE-2024-24823 graylog2-server Session Fixation vulnerability through cookie injection — graylog2-server 5.7 Medium2024-02-07
CVE-2023-50941 IBM PowerSC session fixation — PowerSC 6.3 Medium2024-02-02
CVE-2024-23679 Enonic XP Session Fixation Vulnerability 9.8 -2024-01-19
CVE-2024-0351 SourceCodester Engineers Online Portal session fixiation — Engineers Online Portal 3.1 Low2024-01-09
CVE-2023-6913 Session Hijacking on Imou Life app — Imou Life app 8.1 High2023-12-19
CVE-2023-49804 Uptime Kuma Password Change Vulnerability — uptime-kuma 6.7 Medium2023-12-11
CVE-2023-46733 Symfony possible session fixation vulnerability — symfony 6.5 Medium2023-11-10
CVE-2023-5309 Broken Session Management in Puppet Enterprise — Puppet Enterprise 6.8 Medium2023-11-07
CVE-2023-0897 Session FIxation in Sielco PolyEco1000 — PolyEco1000 8.8 High2023-10-26
CVE-2023-45687 Authentication bypass via session fixation in Titan MFT and Titan SFTP servers — Titan MFT 8.1 -2023-10-16
CVE-2023-44400 Uptime Kuma has Persistentent User Sessions — uptime-kuma 6.7 Medium2023-10-09
CVE-2022-3916 Keycloak: session takeover with oidc offline refreshtokens — Red Hat Single Sign-On 7 6.8 Medium2023-09-20
CVE-2023-3711 Potential Predictable Session ID — PM23/43 6.4 Medium2023-09-12
CVE-2023-4649 Session Fixation in instantsoft/icms2 — instantsoft/icms2 7.6 -2023-08-31
CVE-2023-40273 Session fixation in Apache Airflow web interface — Apache Airflow 8.8 -2023-08-23
CVE-2023-24477 Session Fixation in Guardian/CMC before 22.6.2 — Guardian 7.0 High2023-08-09
CVE-2023-3394 Session Fixation in fossbilling/fossbilling — fossbilling/fossbilling 7.6 -2023-06-23
CVE-2023-3192 Session Fixation in froxlor/froxlor — froxlor/froxlor 7.6 -2023-06-11
CVE-2023-28316 Rocket.Chat 授权问题漏洞 — Rocket.Chat 9.8 -2023-05-09
CVE-2023-29020 Cross site request forgery token fixation in fastify-passport — fastify-passport 6.5 Medium2023-04-21
CVE-2023-29019 Session fixation in fastify-passport — fastify-passport 8.1 High2023-04-21
CVE-2023-2105 Session Fixation in alextselegidis/easyappointments — alextselegidis/easyappointments 8.1 -2023-04-15

Vulnerabilities classified as CWE-384 (会话固定) represent 145 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.