GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
191 advisories
Filter by severity
Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows...
High
Unreviewed
CVE-2023-3711
was published
Sep 12, 2023
Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain...
Critical
Unreviewed
CVE-2023-42322
was published
Sep 20, 2023
A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on...
High
Unreviewed
CVE-2023-45687
was published
Oct 16, 2023
Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being...
Critical
Unreviewed
CVE-2023-0897
was published
Oct 26, 2023
eQ-3 HomeMatic CCU3 firmware 3.41.11 allows session fixation. An attacker can create session IDs...
High
Unreviewed
CVE-2019-15849
was published
May 24, 2022
IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or...
Moderate
Unreviewed
CVE-2023-38002
was published
Apr 30, 2024
A session fixation vulnerability in Bludit allows an attacker to bypass the server's...
Unknown
Unreviewed
CVE-2024-24552
was published
Jun 24, 2024
An issue in Outline <= v0.76.1 allows attackers to execute a session hijacking attack via user...
High
Unreviewed
CVE-2024-37829
was published
Jul 9, 2024
As of v1.5.0, the Argo web interface authentication system issued immutable tokens....
Moderate
Unreviewed
CVE-2020-8826
was published
May 24, 2022
IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could...
Moderate
Unreviewed
CVE-2023-38018
was published
Aug 12, 2024
Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive...
Low
Unreviewed
CVE-2023-45718
was published
Feb 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2)....
Moderate
Unreviewed
CVE-2024-42345
was published
Sep 10, 2024
The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a...
High
Unreviewed
CVE-2024-45368
was published
Sep 13, 2024
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC...
High
Unreviewed
CVE-2023-24477
was published
Aug 9, 2023
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable...
Moderate
Unreviewed
CVE-2024-22318
was published
Feb 9, 2024
Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking...
Critical
Unreviewed
CVE-2024-8643
was published
Sep 27, 2024
ProTip!
Advisories are also available from the
GraphQL API