GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
200 advisories
An issue was discovered in Mahara before 15.04.14, 16.x before 16.04.8, 16.10.x before 16.10.5,...
High | Unreviewed | CVE-2017-14163 was published May 13, 2022

ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates files in the resulting...
Moderate | Unreviewed | CVE-2017-10600 was published May 13, 2022

Session cookies are not used for maintaining valid sessions in iTrack Easy. The user's password...
Critical | Unreviewed | CVE-2016-6545 was published May 13, 2022

Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session...
Critical | Unreviewed | CVE-2016-9125 was published May 13, 2022

nss before version 3.30 is vulnerable to a remote denial of service during the session handshake...
Moderate | Unreviewed | CVE-2016-9574 was published May 13, 2022

Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an...
Moderate | Unreviewed | CVE-2017-0892 was published May 13, 2022

A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow...
Moderate | Unreviewed | CVE-2017-12225 was published May 13, 2022

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not set the secure...
Moderate | Unreviewed | CVE-2017-1368 was published May 13, 2022

Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM)...
Critical | Unreviewed | CVE-2017-3968 was published May 13, 2022

A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On...
Moderate | Unreviewed | CVE-2018-0229 was published May 13, 2022

A vulnerability in the session identification management functionality of the web-based...
Moderate | Unreviewed | CVE-2018-0359 was published May 13, 2022

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior,...
Moderate | Unreviewed | CVE-2018-10591 was published May 13, 2022

Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7...
Moderate | Unreviewed | CVE-2018-13282 was published May 13, 2022

A bug causing session fixation in Nextcloud Server prior to 14.0.0, 13.0.3 and 12.0.8 could...
Low | Unreviewed | CVE-2018-16463 was published May 13, 2022

Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The...
Moderate | Unreviewed | CVE-2018-17902 was published May 13, 2022

Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens...
High | Unreviewed | CVE-2018-1127 was published May 13, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not renew a session variable after...
High | Unreviewed | CVE-2018-1375 was published May 13, 2022

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the 'HttpOnly'...
Moderate | Unreviewed | CVE-2018-1480 was published May 13, 2022

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute...
Moderate | Unreviewed | CVE-2018-1484 was published May 13, 2022

IBM Jazz Foundation products could allow a user with physical access to the system to log in as...
Moderate | Unreviewed | CVE-2018-1492 was published May 13, 2022

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not renew a session variable...
Moderate | Unreviewed | CVE-2018-1485 was published May 13, 2022

IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not renew a session...
Moderate | Unreviewed | CVE-2018-1626 was published May 13, 2022

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not...
Moderate | Unreviewed | CVE-2018-1804 was published May 13, 2022

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance does not...
Moderate | Unreviewed | CVE-2018-1948 was published May 13, 2022

IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the...
Low | Unreviewed | CVE-2018-1962 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.