Fallos del tipo CWE-613
394 resultadosCVE-2023-20903MEDIUMThis disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an external identity proEPSS 0.4%CVE-2021-35473CRITICALAn issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verifEPSS 0.4%CVE-2024-41827HIGHIn JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expirationEPSS 0.4%CVE-2025-4754LOWMissing Session Revocation on Logout in ash_authentication_phoenixEPSS 0.4%CVE-2022-23502MEDIUMTYPO3 contains Insufficient Session Expiration after Password ResetEPSS 0.4%CVE-2021-46279MEDIUMSession Fixation and Insufficient Session ExpirationEPSS 0.4%CVE-2026-32132HIGHZITADEL: Reactivation of Expired Passkey Registration CodesEPSS 0.4%CVE-2026-44648HIGHSillyTavern: Existing sessions are not invalidated after password change, allowing session reuse and account takeoverEPSS 0.4%CVE-2025-59841CRITICALFlagForgeCTF's Improper Session Handling Allows Access After LogoutEPSS 0.4%CVE-2024-13280CRITICALPersistent Login - Moderately critical - Access bypass - SA-CONTRIB-2024-044EPSS 0.4%CVE-2024-45462MEDIUMApache CloudStack: Incomplete session invalidation on web interface logoutEPSS 0.4%CVE-2022-24732MEDIUMMaddy Mail Server does not implement account expiryEPSS 0.4%CVE-2026-21622CRITICALPassword Reset Tokens Do Not ExpireEPSS 0.4%CVE-2024-34092MEDIUMAn issue was discovered in Archer Platform 6 before 2024.04. Authentication was mishandled because lock did not terminate an existing sessioEPSS 0.4%CVE-2025-50486HIGHImproper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execEPSS 0.4%CVE-2025-50485HIGHImproper session invalidation in the component /crm/change-password.php of PHPGurukul Online Course Registration v3.1 allows attackers to exEPSS 0.4%CVE-2025-46815HIGHZITADEL Allows IdP Intent Token ReuseEPSS 0.4%CVE-2026-24912MEDIUMePower epower.ie Insufficient Session ExpirationEPSS 0.4%CVE-2022-39234MEDIUMuser session persists even after permanently deleting account in GLPIEPSS 0.4%CVE-2021-20581MEDIUMIBM Security Verify Privilege information disclosureEPSS 0.4%