GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
191 advisories
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the...
Critical | Unreviewed | CVE-2021-20151 was published Dec 31, 2021
Session fixation vulnerability in IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7...
Moderate | Unreviewed | CVE-2014-4789 was published May 17, 2022
DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An...
High | Unreviewed | CVE-2022-22551 was published Jan 22, 2022
An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user...
Moderate | Unreviewed | CVE-2022-44788 was published Nov 22, 2022
IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session...
High | Unreviewed | CVE-2021-39066 was published Feb 3, 2022
Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297...
High | Unreviewed | CVE-2021-29368 was published Jan 20, 2023
Session fixation vulnerability in pcsd in pcs before 0.9.157.
High | Unreviewed | CVE-2016-0721 was published May 17, 2022
IBM Security Access Manager 9.0.1 through 9.0.6 does not invalidate session tokens in a timely...
Moderate | Unreviewed | CVE-2019-4152 was published May 24, 2022
A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb...
Critical | Unreviewed | CVE-2021-42761 was published Feb 16, 2023
An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can...
High | Unreviewed | CVE-2021-44151 was published Dec 14, 2021
Session Fixation vulnerability in function login in class.auth.php in osTicket through 1.16.2.
High | Unreviewed | CVE-2022-31888 was published Apr 6, 2023
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER...
High | Unreviewed | CVE-2022-43398 was published Nov 8, 2022
Improper Access Control in GitHub repository namelessmc/nameless prior to v2.0.2.
High | Unreviewed | CVE-2022-2820 was published Aug 16, 2022
TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable...
Critical | Unreviewed | CVE-2022-22922 was published Feb 19, 2022
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1.
Moderate | Unreviewed | CVE-2023-4649 was published Aug 31, 2023
Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken...
Moderate | Unreviewed | CVE-2023-5309 was published Nov 7, 2023
Certain NetModule devices allow Limited Session Fixation via PHPSESSID. These models with...
Critical | Unreviewed | CVE-2021-39290 was published May 24, 2022
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1.
Moderate | Unreviewed | CVE-2023-3394 was published Jun 23, 2023
An issue was discovered in Barrier before 2.4.0. An attacker can enter an active session state...
High | Unreviewed | CVE-2021-42073 was published May 24, 2022
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows...
Critical | Unreviewed | CVE-2023-31498 was published May 11, 2023
A session hijacking vulnerability has been detected in the Imou Life application affecting...
High | Unreviewed | CVE-2023-6913 was published Dec 19, 2023
Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to...
Critical | Unreviewed | CVE-2023-48929 was published Dec 8, 2023
A vulnerability classified as problematic has been found in SourceCodester Engineers Online...
Low | Unreviewed | CVE-2024-0351 was published Jan 10, 2024
An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID...
Moderate | Unreviewed | CVE-2023-50920 was published Jan 12, 2024
IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an...
Moderate | Unreviewed | CVE-2023-50941 was published Feb 2, 2024