GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
206 advisories
Filter by severity
A flaw was found in the CloudForms account configuration when using VMware. By default, a shared...
High
Unreviewed
CVE-2017-12191
was published
May 13, 2022
An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller...
Moderate
Unreviewed
CVE-2017-14007
was published
May 13, 2022
The Milwaukee ONE-KEY Android mobile application uses bearer tokens with an expiration of one...
Moderate
Unreviewed
CVE-2017-3215
was published
May 13, 2022
Exploitation of session variables, resource IDs and other trusted credentials vulnerability in...
Moderate
Unreviewed
CVE-2017-3966
was published
May 13, 2022
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an...
High
Unreviewed
CVE-2018-0152
was published
May 13, 2022
XS Command-Line Interface (CLI) user sessions with the SAP HANA Extended Application Services (XS...
Moderate
Unreviewed
CVE-2018-2451
was published
May 13, 2022
On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not...
High
Unreviewed
CVE-2018-10990
was published
May 13, 2022
A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish...
Moderate
Unreviewed
CVE-2019-0015
was published
May 13, 2022
nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key...
Moderate
Unreviewed
CVE-2014-3616
was published
May 13, 2022
An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK...
High
Unreviewed
CVE-2016-8712
was published
May 13, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
Critical
Unreviewed
CVE-2022-24042
was published
May 11, 2022
HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session...
Low
Unreviewed
CVE-2021-27751
was published
May 7, 2022
In Shopizer versions 2.3.0 to 3.0.1 are vulnerable to Insufficient Session Expiration. When a...
High
Unreviewed
CVE-2022-23063
was published
May 4, 2022
An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each...
High
Unreviewed
CVE-2009-20001
was published
Apr 21, 2022
SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing...
Moderate
Unreviewed
CVE-2022-25590
was published
Mar 26, 2022
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the...
High
Unreviewed
CVE-2022-0996
was published
Mar 24, 2022
IBM MQ Appliance 9.2 CD and 9.2 LTS does not invalidate session after logout which could allow an...
Moderate
Unreviewed
CVE-2021-38986
was published
Mar 2, 2022
In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie.
Moderate
Unreviewed
CVE-2022-24332
was published
Feb 26, 2022
In JetBrains TeamCity before 2021.2.1, editing a user account to change its password didn't...
High
Unreviewed
CVE-2022-24341
was published
Feb 26, 2022
In Ifme, versions 1.0.0 to v.7.33.2 don’t properly invalidate a user’s session even after the...
Critical
Unreviewed
CVE-2021-25992
was published
Feb 11, 2022
A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to...
Critical
Unreviewed
CVE-2021-22820
was published
Jan 29, 2022
Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side...
High
Unreviewed
CVE-2021-37866
was published
Jan 19, 2022
In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session...
High
Unreviewed
CVE-2022-22113
was published
Jan 14, 2022
In Mattermost Focalboard, versions prior to v0.7.5, v0.8.4, v0.9.5, v0.10.1 and v0.11.0-rc1; as...
Critical
Unreviewed
CVE-2022-22122
was published
Jan 14, 2022
Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging...
Low
Unreviewed
CVE-2022-22283
was published
Jan 11, 2022
ProTip!
Advisories are also available from the
GraphQL API