GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
287 advisories
Filter by severity
This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200...
Critical
Unreviewed
CVE-2022-40630
was published
Sep 25, 2022
Apache IoTDB Session Fixation vulnerability
Moderate
CVE-2022-38369
was published
for
apache-iotdb
(Maven)
Sep 6, 2022
Apache Airflow Session Fixation vulnerability
Critical
CVE-2022-38054
was published
for
apache-airflow
(pip)
Sep 3, 2022
Insufficient Session Expiration in snipe/snipe-it
Moderate
CVE-2022-2997
was published
for
snipe/snipe-it
(Composer)
Aug 26, 2022
A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6...
High
Unreviewed
CVE-2022-30605
was published
Aug 23, 2022
Improper Access Control in GitHub repository namelessmc/nameless prior to v2.0.2.
High
Unreviewed
CVE-2022-2820
was published
Aug 16, 2022
Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. A...
Moderate
Unreviewed
CVE-2022-33927
was published
Aug 11, 2022
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log...
High
Unreviewed
CVE-2022-34536
was published
Jul 20, 2022
Session fixation vulnerability in access control management in Synology Photo Station before 6.8...
High
Unreviewed
CVE-2022-22681
was published
Jul 7, 2022
Passport vulnerable to session regeneration when a users logs in or out
Moderate
CVE-2022-25896
was published
for
passport
(npm)
Jul 2, 2022
Hybridsessions does not expire session id on logout
Moderate
CVE-2022-24444
was published
for
silverstripe/hybridsessions
(Composer)
Jun 29, 2022
Improper user session handling in filegator
Moderate
CVE-2022-1849
was published
for
filegator/filegator
(Composer)
May 25, 2022
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly...
High
Unreviewed
CVE-2020-25198
was published
May 24, 2022
SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or...
High
Unreviewed
CVE-2020-15909
was published
May 24, 2022
As of v1.5.0, the Argo web interface authentication system issued immutable tokens....
Moderate
Unreviewed
CVE-2020-8826
was published
May 24, 2022
Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT...
High
Unreviewed
CVE-2020-5645
was published
May 24, 2022
Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) with firmware before FW1.17...
Critical
Unreviewed
CVE-2016-10405
was published
May 24, 2022
An issue was discovered in Barrier before 2.4.0. An attacker can enter an active session state...
High
Unreviewed
CVE-2021-42073
was published
May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), the Web...
Critical
Unreviewed
CVE-2021-41553
was published
May 24, 2022
Session fixation on password protected public links in the ownCloud Server before 10.8.0 allows...
Moderate
Unreviewed
CVE-2021-35948
was published
May 24, 2022
Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git...
Moderate
Unreviewed
CVE-2021-22237
was published
May 24, 2022
Certain NetModule devices allow Limited Session Fixation via PHPSESSID. These models with...
Critical
Unreviewed
CVE-2021-39290
was published
May 24, 2022
A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when...
High
Unreviewed
CVE-2021-22927
was published
May 24, 2022
Session fixation vulnerability in Jenkins
High
CVE-2021-21671
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
A session fixation vulnerability was discovered in Ice Hrm 29.0.0 OS which allows an attacker to...
Moderate
Unreviewed
CVE-2021-35046
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API