GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
87 advisories
Filter by severity
Wind River VxWorks 6.5 through 6.9 and vx7 has Session Fixation in the TCP component. This is a...
High
Unreviewed
CVE-2019-12258
was published
May 24, 2022
A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core...
High
Unreviewed
CVE-2019-5406
was published
May 24, 2022
An internal product security audit discovered a session handling vulnerability in the web...
High
Unreviewed
CVE-2019-6161
was published
May 24, 2022
IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners...
High
Unreviewed
CVE-2019-4227
was published
May 24, 2022
eQ-3 HomeMatic CCU3 firmware 3.41.11 allows session fixation. An attacker can create session IDs...
High
Unreviewed
CVE-2019-15849
was published
May 24, 2022
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an...
High
Unreviewed
CVE-2019-11173
was published
May 24, 2022
An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management...
High
Unreviewed
CVE-2020-11728
was published
May 24, 2022
On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side...
High
Unreviewed
CVE-2020-5894
was published
May 24, 2022
Session fixation vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series ...
High
Unreviewed
CVE-2020-5654
was published
May 24, 2022
The authentication token required to execute NSDP write requests on NETGEAR JGS516PE/GS116Ev2 v2...
High
Unreviewed
CVE-2020-35229
was published
May 24, 2022
In VOS user session identifier (authentication token) is issued to the browser prior to...
High
Unreviewed
CVE-2018-16495
was published
May 24, 2022
A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when...
High
Unreviewed
CVE-2021-22927
was published
May 24, 2022
An issue was discovered in Barrier before 2.4.0. An attacker can enter an active session state...
High
Unreviewed
CVE-2021-42073
was published
May 24, 2022
Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT...
High
Unreviewed
CVE-2020-5645
was published
May 24, 2022
SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or...
High
Unreviewed
CVE-2020-15909
was published
May 24, 2022
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly...
High
Unreviewed
CVE-2020-25198
was published
May 24, 2022
Session fixation vulnerability in access control management in Synology Photo Station before 6.8...
High
Unreviewed
CVE-2022-22681
was published
Jul 7, 2022
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log...
High
Unreviewed
CVE-2022-34536
was published
Jul 20, 2022
Improper Access Control in GitHub repository namelessmc/nameless prior to v2.0.2.
High
Unreviewed
CVE-2022-2820
was published
Aug 16, 2022
A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6...
High
Unreviewed
CVE-2022-30605
was published
Aug 23, 2022
A vulnerability has been identified in SICAM P850 (All versions < V3.10), SICAM P850 (All...
High
Unreviewed
CVE-2022-40226
was published
Oct 11, 2022
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER...
High
Unreviewed
CVE-2022-43398
was published
Nov 8, 2022
An issue was discovered in BACKCLICK Professional 5.9.63. Due to an unsafe implementation of...
High
Unreviewed
CVE-2022-44007
was published
Nov 17, 2022
An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could...
High
Unreviewed
CVE-2020-15679
was published
Dec 22, 2022
An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due to errors in session...
High
Unreviewed
CVE-2022-44017
was published
Dec 25, 2022
ProTip!
Advisories are also available from the
GraphQL API