GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

206 advisories

Filter by severity

Sort by

Least recently updated

Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration... Critical Unreviewed

CVE-2021-36330 was published Dec 1, 2021

An insufficient session expiration vulnerability exists in Business-DNA Solutions GmbH’s TopEase®... Critical Unreviewed

CVE-2021-42545 was published Dec 1, 2021

Mahavitaran android application 7.50 and prior are affected by account takeover due to improper... Critical Unreviewed

CVE-2020-27416 was published Dec 9, 2021

An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8... High Unreviewed

CVE-2021-45885 was published Dec 30, 2021

An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware... Critical Unreviewed

CVE-2021-35034 was published Dec 30, 2021

In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through... Critical Unreviewed

CVE-2021-25981 was published Jan 4, 2022

Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging... Low Unreviewed

CVE-2022-22283 was published Jan 11, 2022

In Mattermost Focalboard, versions prior to v0.7.5, v0.8.4, v0.9.5, v0.10.1 and v0.11.0-rc1; as... Critical Unreviewed

CVE-2022-22122 was published Jan 14, 2022

In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session... High Unreviewed

CVE-2022-22113 was published Jan 14, 2022

Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side... High Unreviewed

CVE-2021-37866 was published Jan 19, 2022

A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to... Critical Unreviewed

CVE-2021-22820 was published Jan 29, 2022

In Ifme, versions 1.0.0 to v.7.33.2 don’t properly invalidate a user’s session even after the... Critical Unreviewed

CVE-2021-25992 was published Feb 11, 2022

In JetBrains TeamCity before 2021.2.1, editing a user account to change its password didn't... High Unreviewed

CVE-2022-24341 was published Feb 26, 2022

In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie. Moderate Unreviewed

CVE-2022-24332 was published Feb 26, 2022

IBM MQ Appliance 9.2 CD and 9.2 LTS does not invalidate session after logout which could allow an... Moderate Unreviewed

CVE-2021-38986 was published Mar 2, 2022

A vulnerability was found in the 389 Directory Server that allows expired passwords to access the... High Unreviewed

CVE-2022-0996 was published Mar 24, 2022

SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing... Moderate Unreviewed

CVE-2022-25590 was published Mar 26, 2022

An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each... High Unreviewed

CVE-2009-20001 was published Apr 21, 2022

In Shopizer versions 2.3.0 to 3.0.1 are vulnerable to Insufficient Session Expiration. When a... High Unreviewed

CVE-2022-23063 was published May 4, 2022

HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session... Low Unreviewed

CVE-2021-27751 was published May 7, 2022

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ... Critical Unreviewed

CVE-2022-24042 was published May 11, 2022

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK... High Unreviewed

CVE-2016-8712 was published May 13, 2022

nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key... Moderate Unreviewed

CVE-2014-3616 was published May 13, 2022

A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish... Moderate Unreviewed

CVE-2019-0015 was published May 13, 2022

On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not... High Unreviewed

CVE-2018-10990 was published May 13, 2022

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

206 advisories