CWE-613 vulnerabilities

394 results
CVE-2026-44553 [HIGH] Open WebUI: Stale Admin Role in Socket.IO Session Pool Enables Post-Demotion Cross-User Note Access (EPSS 0.3%)
CVE-2026-25720 [MEDIUM] SenseLive X3050 Insufficient session expiration (EPSS 0.3%)
CVE-2021-22136 In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where the xpack.security.session.idleTimeout settin (EPSS 0.3%)
CVE-2026-9705 [MEDIUM] Keycloak: keycloak: attacker can re-enable and take over disabled clients via registration access token (EPSS 0.3%)
CVE-2022-2888 [MEDIUM] Insufficient Session Expiration in octoprint/octoprint (EPSS 0.3%)
CVE-2026-53843 [HIGH] OpenClaw < 2026.5.26 - Node Token Revocation Bypass via Pairing-Scoped Device Session (EPSS 0.3%)
CVE-2025-57766 [LOW] Fides's Admin UI User Password Change Does Not Invalidate Current Session (EPSS 0.3%)
CVE-2025-62631 [MEDIUM] An insufficient session expiration vulnerability [CWE-613] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 al (EPSS 0.3%)
CVE-2025-22386 [HIGH] An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity session issue exists in the Commerce B2B applic (EPSS 0.3%)
CVE-2024-46040 [MEDIUM] IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration. The lack of validation of the authenticati (EPSS 0.3%)
CVE-2025-12110 [MEDIUM] Keycloak: org.keycloak:keycloak-services: user can refresh offline session even after client's offline_access scope was removed (EPSS 0.3%)
CVE-2025-25252 [MEDIUM] An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL VPN 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10 (EPSS 0.3%)
CVE-2026-22706 [LOW] Strapi: Password Reset Does Not Revoke Existing Refresh Sessions (EPSS 0.3%)
CVE-2025-46336 [MEDIUM] Rack session gets restored after deletion (EPSS 0.3%)
CVE-2026-46657 [HIGH] Bludit's persistent authentication tokens not revoked upon account disablement (EPSS 0.3%)
CVE-2026-41891 [MEDIUM] CI4MS: Deactivated User Session Bypass (active=0) (EPSS 0.3%)
CVE-2026-35594 [MEDIUM] Vikunja Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade (EPSS 0.3%)
CVE-2025-2185 [HIGH] ALBEDO Telecom Net.Time - PTP/NTP Clock Insufficient Session Expiration (EPSS 0.3%)
CVE-2023-37919 [MEDIUM] Cal.com not expiring old sessions after enabling 2FA (EPSS 0.3%)
CVE-2026-33417 [MEDIUM] Wallos: Password Reset Tokens Never Expire (EPSS 0.3%)