GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
294 advisories
Filter by severity
A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated...
Critical
Unreviewed
CVE-2020-27739
was published
May 24, 2022
Immuta v2.8.2 is affected by improper session management: user sessions are not revoked upon logout.
High
Unreviewed
CVE-2020-15950
was published
May 24, 2022
Microweber Insufficient Session Expiry
Moderate
CVE-2020-23136
was published
for
microweber/microweber
(Composer)
May 24, 2022
Microweber 1.1.18 is affected by insufficient session expiration. When changing passwords, both...
High
Unreviewed
CVE-2020-23140
was published
May 24, 2022
In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire...
Critical
Unreviewed
CVE-2020-27422
was published
May 24, 2022
Gitaly Insufficient Session Expiration vulnerability
Low
CVE-2020-13353
was published
for
gitaly
(RubyGems)
May 24, 2022
IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could...
Moderate
Unreviewed
CVE-2020-4696
was published
May 24, 2022
In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie...
Critical
Unreviewed
CVE-2020-29667
was published
May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033....
High
Unreviewed
CVE-2016-20007
was published
May 24, 2022
Files.com Fat Client 3.3.6 allows authentication bypass because the client continues to have...
High
Unreviewed
CVE-2021-3183
was published
May 24, 2022
HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could...
Moderate
Unreviewed
CVE-2020-14247
was published
May 24, 2022
An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and...
Critical
Unreviewed
CVE-2020-6649
was published
May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 does not invalidate session after logout...
Moderate
Unreviewed
CVE-2020-4995
was published
May 24, 2022
Magento Insufficient Session Expiration
Moderate
CVE-2021-21032
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento Insufficient Session Expiration
Moderate
CVE-2021-21031
was published
for
magento/community-edition
(Composer)
May 24, 2022
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through...
Moderate
Unreviewed
CVE-2021-27351
was published
May 24, 2022
SaltStack Salt eauth tokens can be used once after expiration
Critical
CVE-2021-3144
was published
for
salt
(pip)
May 24, 2022
DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. On...
Critical
Unreviewed
CVE-2020-35358
was published
May 24, 2022
A vulnerability was found in the Quay web application. Sessions in the Quay web application never...
Moderate
Unreviewed
CVE-2019-3867
was published
May 24, 2022
A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software...
High
Unreviewed
CVE-2021-1501
was published
May 24, 2022
In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where...
Low
Unreviewed
CVE-2021-22136
was published
May 24, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.10.5...
Moderate
Unreviewed
CVE-2021-22221
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series...
High
Unreviewed
CVE-2021-1542
was published
May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not invalidate session after logout...
High
Unreviewed
CVE-2021-20378
was published
May 24, 2022
An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine...
Moderate
Unreviewed
CVE-2021-26037
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API