GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,784

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

200 advisories

Filter by severity

Sort by

Least recently updated

A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on... High Unreviewed

CVE-2023-45687 was published Oct 16, 2023

Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain... Critical Unreviewed

CVE-2023-42322 was published Sep 20, 2023

Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows... High Unreviewed

CVE-2023-3711 was published Sep 12, 2023

An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a... Critical Unreviewed

CVE-2023-41012 was published Sep 5, 2023

Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1. Moderate Unreviewed

CVE-2023-4649 was published Aug 31, 2023

In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC... Moderate Unreviewed

CVE-2023-24477 was published Aug 9, 2023

In visitUris of Notification.java, there is a possible way to leak image data across user... Moderate Unreviewed

CVE-2023-21239 was published Jul 13, 2023

In visitUris of RemoteViews.java, there is a possible leak of images between users due to a... Moderate Unreviewed

CVE-2023-21238 was published Jul 13, 2023

An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video... High Unreviewed

CVE-2023-34656 was published Jun 29, 2023

Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1. Moderate Unreviewed

CVE-2023-3394 was published Jun 23, 2023

Some access control products are vulnerable to a session hijacking attack because the product... High Unreviewed

CVE-2023-28809 was published Jun 15, 2023

A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows... Critical Unreviewed

CVE-2023-31498 was published May 11, 2023

A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat... Critical Unreviewed

CVE-2023-28316 was published May 10, 2023

A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to... High Unreviewed

CVE-2023-30056 was published May 9, 2023

An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6,... Moderate Unreviewed

CVE-2023-1265 was published May 3, 2023

Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2. High Unreviewed

CVE-2022-31888 was published Apr 6, 2023

A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb... Critical Unreviewed

CVE-2021-42761 was published Feb 16, 2023

Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297... High Unreviewed

CVE-2021-29368 was published Jan 20, 2023

A vulnerability, which was classified as critical, has been found in kassi xingwall. This issue... Moderate Unreviewed

CVE-2014-125048 was published Jan 6, 2023

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise... Moderate Unreviewed

CVE-2022-43529 was published Jan 5, 2023

An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due to errors in session... High Unreviewed

CVE-2022-44017 was published Dec 25, 2022

An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could... High Unreviewed

CVE-2020-15679 was published Dec 22, 2022

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0... Moderate Unreviewed

CVE-2022-38628 was published Dec 13, 2022

An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user... Moderate Unreviewed

CVE-2022-44788 was published Nov 22, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to an unsafe implementation of... High Unreviewed

CVE-2022-44007 was published Nov 17, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

200 advisories