CWE-539
6 CVEs classified under CWE-539. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2024-39275 | High | 8.0 | 2024-09-27 | Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if… |
| CVE-2023-30861 | High | 7.5 | 2023-05-02 | Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be… |
| CVE-2026-35192 | Medium | 6.5 | 2026-05-05 | An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. Response headers do not vary on cookies if a session is not modified, but `SESSION_SAVE_EVER… |
| CVE-2026-24318 | Medium | 4.2 | 2026-04-14 | Due to an Insecure session management vulnerability in SAP Business Objects Business Intelligence Platform, an unauthenticated attacker could obtain valid sess… |
| CVE-2025-52633 | Low | 3.1 | 2026-02-03 | HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies m… |
| CVE-2021-27463 | | | 2021-05-20 | A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the… |