Lucene search

8 matches found

Nextcloud
added 2026/05/13 6:50 a.m. | 8 views

Bypass of second factor authentication on DAV endpoints by reusing a pre-2FA session ID

None...

5.9 CVSS | 5.8 AI score | 0.00053 EPSS
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2026/02/05 11:7 a.m. | 26 views

CVE-2026-23796 Session Fixation in Quick.Cart

Quick.Cart allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notified early about this...

4.8 CVSS | 0.00065 EPSS
Exploits 0 | References 2
RedhatCVE
added 2025/05/22 4:46 a.m. | 6 views

CVE-2019-1003019

A session fixation vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session...

5.9 CVSS | 6.6 AI score | 0.00032 EPSS
Exploits 0 | References 1
SUSE CVE
added 2023/02/15 4:20 a.m. | 1 views

SUSE CVE-2018-1000173

A session fixation vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session...

5.9 CVSS | 5.8 AI score | 0.00133 EPSS
Exploits 0 | References 3
OSV
added 2022/05/14 3:7 a.m. | 13 views

GHSA-4PJX-86PG-X4J5 Jenkins SAML Plugin Session Fixation vulnerability

A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session. SAML Plugin 1.0.7 invalidates the previous session during login and create...

6.5 CVSS | 5.5 AI score | 0.00032 EPSS
Exploits 0 | References 4
OSV
added 2022/05/13 1:31 a.m. | 15 views

GHSA-MCQX-WC2J-QX9V GitHub Authentication Plugin session fixation vulnerability

A session fixation vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session...

5.9 CVSS | 5.6 AI score | 0.00032 EPSS
Exploits 0 | References 4
Cvelist
added 2019/08/07 2:20 p.m. | 14 views

CVE-2019-10371

A session fixation vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows unauthorized attackers to impersonate another user if they can control the pre-authentication session...

7.5 AI score | 0.00055 EPSS
Exploits 0 | References 2
OSV
added 2018/06/26 5:29 p.m. | 13 views

CVE-2018-1000602

A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session...

5.9 CVSS | 5.7 AI score
Exploits 0 | References 1