GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
28 advisories
Filter by severity
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High
Unreviewed
CVE-2024-35211
was published
Jun 11, 2024
HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not...
Low
Unreviewed
CVE-2024-30142
was published
Nov 7, 2024
rdiffweb vulnerable to Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
High
CVE-2022-3174
was published
for
rdiffweb
(pip)
Sep 14, 2022
rdiffweb has insecure HTTP cookies
Moderate
CVE-2022-3250
was published
for
rdiffweb
(pip)
Sep 22, 2022
Taipy has a Session Cookie without Secure and HTTPOnly flags
Moderate
CVE-2024-47833
was published
for
taipy
(pip)
Aug 27, 2024
IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies....
Moderate
Unreviewed
CVE-2024-43180
was published
Sep 13, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for...
Moderate
Unreviewed
CVE-2024-41684
was published
Jul 26, 2024
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session...
Moderate
Unreviewed
CVE-2023-33860
was published
Jul 10, 2024
Sensitive Cookie Without HttpOnly and Secure Flag
High
CVE-2017-1000046
was published
for
mautic/core
(Composer)
May 13, 2022
Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This issue affects Hitachi Ops...
High
Unreviewed
CVE-2024-2493
was published
Apr 23, 2024
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization...
Moderate
Unreviewed
CVE-2023-46179
was published
Mar 15, 2024
Macaron csrf missing encryption and has sensitive cookies in HTTP session without secure attribute
High
CVE-2018-25060
was published
for
github.com/go-macaron/csrf
(Go)
Dec 30, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3...
Moderate
Unreviewed
CVE-2023-42016
was published
Feb 9, 2024
LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client...
Moderate
Unreviewed
CVE-2021-3882
was published
May 24, 2022
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as...
Low
Unreviewed
CVE-2024-0349
was published
Jan 10, 2024
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the...
Low
Unreviewed
CVE-2023-5035
was published
Nov 2, 2023
Sensitive cookie in HTTPS session without 'Secure' attribute in thorsten/phpmyfaq
Moderate
CVE-2023-5866
was published
for
thorsten/phpmyfaq
(Composer)
Oct 31, 2023
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository it-novum...
Moderate
Unreviewed
CVE-2023-3520
was published
Jul 6, 2023
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft...
Low
Unreviewed
CVE-2023-4654
was published
Aug 31, 2023
Within the Service Desk module of the ITarian platform (SAAS and on-premise), a remote attacker...
High
Unreviewed
CVE-2022-25151
was published
Jun 10, 2022
usememos/memos missing Secure cookie attribute
Moderate
CVE-2022-4683
was published
for
github.com/usememos/memos
(Go)
Dec 23, 2022
Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The...
Moderate
Unreviewed
CVE-2021-27764
was published
May 7, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
Moderate
Unreviewed
CVE-2022-24045
was published
May 21, 2022
phpMyFAQ has insecure HTTP cookies
High
CVE-2022-4409
was published
for
thorsten/phpmyfaq
(Composer)
Dec 11, 2022
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls...
Moderate
Unreviewed
CVE-2022-21940
was published
Feb 9, 2023
ProTip!
Advisories are also available from the
GraphQL API