GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
286 advisories
Session Fixation in Jenkins (Moderate): CVE-2018-1000409 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 14, 2022
Password Change Vulnerability (Moderate): CVE-2023-49804 was published for uptime-kuma (npm) on Dec 12, 2023
Session fixation vulnerability in Jenkins (High): CVE-2021-21671 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 24, 2022
Jenkins SAML Plugin Session Fixation vulnerability (Moderate): CVE-2018-1000602 was published for org.jenkins-ci.plugins:saml (Maven) on May 14, 2022
Jenkins Gitlab Authentication Plugin vulnerable to Session Fixation (High): CVE-2019-10371 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) on May 24, 2022
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows... (Critical, Unreviewed): CVE-2023-31498 was published on May 11, 2023
An issue was discovered in Barrier before 2.4.0. An attacker can enter an active session state... (High, Unreviewed): CVE-2021-42073 was published on May 24, 2022
Symfony possible session fixation vulnerability (Moderate): CVE-2023-46733 was published for symfony/security-http (Composer) on Nov 12, 2023
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1. (Moderate, Unreviewed): CVE-2023-3394 was published on Jun 23, 2023
Certain NetModule devices allow Limited Session Fixation via PHPSESSID. These models with... (Critical, Unreviewed): CVE-2021-39290 was published on May 24, 2022
Session fixation vulnerability in Rails (Moderate): CVE-2007-5380 was published for rails (RubyGems) on Oct 24, 2017
Session fixation in fastify-passport (High): CVE-2023-29019 was published for @fastify/passport (npm) on Apr 21, 2023
Uptime Kuma has Persistent User Sessions (High): CVE-2023-44400 was published for uptime-kuma (npm) on Oct 10, 2023
Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken... (Moderate, Unreviewed): CVE-2023-5309 was published on Nov 7, 2023
Jenkins WSO2 Oauth Plugin Session Fixation vulnerability (High): CVE-2023-33005 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) on May 16, 2023
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1. (Moderate, Unreviewed): CVE-2023-4649 was published on Aug 31, 2023
Froxlor Session Fixation vulnerability (Moderate): CVE-2023-3192 was published for froxlor/froxlor (Composer) on Jun 11, 2023
Jenkins OpenShift Login Plugin session fixation vulnerability (High): CVE-2023-37946 was published for org.openshift.jenkins:openshift-login (Maven) on Jul 12, 2023
Passport vulnerable to session regeneration when a user logs in or out (Moderate): CVE-2022-25896 was published for passport (npm) on Jul 2, 2022
rest-client Gem Vulnerable to Session Fixation (Critical): CVE-2015-1820 was published for rest-client (RubyGems) on Aug 13, 2018
TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable... (Critical, Unreviewed): CVE-2022-22922 was published on Feb 19, 2022
CodeIgniter Session Fixation Vulnerability (Critical): CVE-2018-12071 was published for codeigniter/framework (Composer) on May 14, 2022
KubePi session fixation attack allows an attacker to hijack a legitimate user session. (High): CVE-2023-22479 was published for github.com/KubeOperator/kubepi (Go) on Jan 9, 2023
Symfony vulnerable to Session Fixation of CSRF tokens (Moderate): CVE-2022-24895 was published for symfony/security-bundle (Composer) on Feb 1, 2023