Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

41 advisories

Loading
Django allows user sessions hijacking via an empty string in the session key Moderate
CVE-2015-3982 was published for Django (pip) May 17, 2022
MarkLee131
phpMyAdmin Bypass logout timeout Moderate
CVE-2016-9851 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
OpenStack Horizon Session Fixation Moderate
CVE-2012-2144 was published for horizon (pip) May 17, 2022
Jenkins Google Login Plugin Session Fixation vulnerability Moderate
CVE-2018-1000173 was published for org.jenkins-ci.plugins:google-login (Maven) May 14, 2022
Jenkins SAML Plugin Session Fixation vulnerability Moderate
CVE-2018-1000602 was published for org.jenkins-ci.plugins:saml (Maven) May 14, 2022
Session Fixation in Jenkins Moderate
CVE-2018-1000409 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
GitHub Authentication Plugin session fixation vulnerability Moderate
CVE-2019-1003019 was published for org.jenkins-ci.plugins:github-oauth (Maven) May 13, 2022
TYPO3 is vulnerable to Session Fixation Moderate
CVE-2010-3671 was published for typo3/cms-install (Composer) Apr 21, 2022
Session fixation Moderate
CVE-2020-5205 was published for pow (Erlang) Apr 12, 2022
Shopware guest session is shared between customers Moderate
CVE-2022-24745 was published for shopware/platform (Composer) Mar 10, 2022
Session fixation in express-openid-connect Moderate
CVE-2021-41246 was published for express-openid-connect (npm) Dec 9, 2021
Cookie persistence after password changes in symfony/security-bundle Moderate
CVE-2021-41268 was published for symfony/security-bundle (Composer) Nov 24, 2021
thibaut-decherit wouterj
Session Fixation Moderate
CVE-2021-32710 was published for shopware/platform (Composer) Sep 8, 2021
Session Fixation in Subrion CMS Moderate
CVE-2020-12467 was published for intelliants/subrion (Composer) Jun 22, 2021
Session fixation in change password form Moderate
CVE-2019-12203 was published for silverstripe/framework (Composer) Nov 12, 2019
Session fixation vulnerability in Rails Moderate
CVE-2007-5380 was published for rails (RubyGems) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database