GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
283 advisories
A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache...
Moderate | Unreviewed | CVE-2019-14826 | published May 24, 2022

An issue was discovered in eteams OA v4.0.34. Because the session is not strictly checked, the...
Moderate | Unreviewed | CVE-2019-16133 | published May 24, 2022

Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an...
High | Unreviewed | CVE-2019-5638 | published May 24, 2022

After user deletion in MongoDB Server the improper invalidation of authorization sessions allows...
Moderate | Unreviewed | CVE-2019-2386 | published May 24, 2022

Prima Systems FlexAir devices have an Insufficient Session-ID Length.
High | Unreviewed | CVE-2019-7280 | published May 24, 2022

Progress Sitefinity 10.1.6536 does not invalidate session cookies upon logouts. It instead tries...
Moderate | Unreviewed | CVE-2019-7215 | published May 24, 2022

The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x...
Moderate | Unreviewed | CVE-2019-3790 | published May 24, 2022

IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2...
Moderate | Unreviewed | CVE-2019-4072 | published May 24, 2022

A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1...
Critical | Unreviewed | CVE-2018-6634 | published May 24, 2022

A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager...
High | Unreviewed | CVE-2022-23669 | published May 18, 2022

Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass...
Critical | Unreviewed | CVE-2014-2595 | published May 17, 2022

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are...
Critical | Unreviewed | CVE-2016-5069 | published May 17, 2022

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking...
High | Unreviewed | CVE-2017-6529 | published May 17, 2022

Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are...
Moderate | Unreviewed | CVE-2017-1000135 | published May 17, 2022

Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are...
Moderate | Unreviewed | CVE-2017-1000136 | published May 17, 2022

iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and...
High | Unreviewed | CVE-2017-6145 | published May 17, 2022

IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to...
Moderate | Unreviewed | CVE-2017-1693 | published May 14, 2022

Improper administrator IP validation after his login in the HTTPd server in all current versions ...
High | Unreviewed | CVE-2017-15653 | published May 14, 2022

Philips ISCV application prior to version 2.3.0 has an insufficient session expiration...
Moderate | Unreviewed | CVE-2018-5438 | published May 14, 2022

A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded)...
Moderate | Unreviewed | CVE-2018-7758 | published May 14, 2022

Symfony DoS
Moderate | CVE-2018-11386 | published for symfony/http-foundation (Composer) | May 14, 2022

In Cloud Controller versions prior to 1.46.0, cf-deployment versions prior to 1.3.0, and cf...
High | Unreviewed | CVE-2018-1195 | published May 13, 2022

SimpleSAMLphp Invalid token creation and validation
Moderate | CVE-2017-12867 | published for simplesamlphp/simplesamlphp (Composer) | May 13, 2022

OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote...
High | Unreviewed | CVE-2017-11667 | published May 13, 2022

Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to...
Moderate | Unreviewed | CVE-2017-1000131 | published May 13, 2022