GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,566
Composer 4,201
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 884
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,930

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

197 advisories

Filter by severity

Sort by

Least recently updated

A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7... High Unreviewed

CVE-2023-50176 was published Nov 12, 2024

A session fixation issue was discovered in the NGINX OpenID Connect reference implementation,... Moderate Unreviewed

CVE-2024-10318 was published Nov 6, 2024

In NetAdmin 4.0.30319, an attacker can steal a valid session cookie and inject it into another... High Unreviewed

CVE-2024-48955 was published Oct 29, 2024

A vulnerability classified as problematic has been found in PHPGurukul Boat Booking System 1.0.... Moderate Unreviewed

CVE-2024-10158 was published Oct 20, 2024

Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking... Critical Unreviewed

CVE-2024-8643 was published Sep 27, 2024

The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a... High Unreviewed

CVE-2024-45368 was published Sep 13, 2024

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2).... Moderate Unreviewed

CVE-2024-42345 was published Sep 10, 2024

IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could... Moderate Unreviewed

CVE-2023-38018 was published Aug 12, 2024

An issue in Outline <= v0.76.1 allows attackers to execute a session hijacking attack via user... High Unreviewed

CVE-2024-37829 was published Jul 9, 2024

A session fixation vulnerability in Bludit allows an attacker to bypass the server's... Unknown Unreviewed

CVE-2024-24552 was published Jun 24, 2024

IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or... Moderate Unreviewed

CVE-2023-38002 was published Apr 30, 2024

A vulnerability was found in Bdtask Wholesale Inventory Management System up to 20240311. It has... Moderate Unreviewed

CVE-2024-2639 was published Mar 19, 2024

Session Hijack vulnerability in Deprecated VMware Enhanced Authentication Plug-in could allow a... High Unreviewed

CVE-2024-22250 was published Feb 20, 2024

Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive... Low Unreviewed

CVE-2023-45718 was published Feb 10, 2024

IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable... Moderate Unreviewed

CVE-2024-22318 was published Feb 9, 2024

IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an... Moderate Unreviewed

CVE-2023-50941 was published Feb 2, 2024

An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum... High Unreviewed

CVE-2023-52353 was published Jan 22, 2024

An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID... Moderate Unreviewed

CVE-2023-50920 was published Jan 12, 2024

A vulnerability classified as problematic has been found in SourceCodester Engineers Online... Low Unreviewed

CVE-2024-0351 was published Jan 10, 2024

A session hijacking vulnerability has been detected in the Imou Life application affecting... High Unreviewed

CVE-2023-6913 was published Dec 19, 2023

Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to... Critical Unreviewed

CVE-2023-48929 was published Dec 8, 2023

Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken... Moderate Unreviewed

CVE-2023-5309 was published Nov 7, 2023

Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being... Critical Unreviewed

CVE-2023-0897 was published Oct 26, 2023

A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on... High Unreviewed

CVE-2023-45687 was published Oct 16, 2023

Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain... Critical Unreviewed

CVE-2023-42322 was published Sep 20, 2023

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

197 advisories