GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,505

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

196 advisories

Filter by severity

Sort by

Least recently updated

IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could... Moderate Unreviewed

CVE-2022-34334 was published Oct 11, 2022

A vulnerability has been identified in SICAM P850 (All versions < V3.10), SICAM P850 (All... High Unreviewed

CVE-2022-40226 was published Oct 11, 2022

This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200... Critical Unreviewed

CVE-2022-40630 was published Sep 25, 2022

A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6... High Unreviewed

CVE-2022-30605 was published Aug 23, 2022

Improper Access Control in GitHub repository namelessmc/nameless prior to v2.0.2. High Unreviewed

CVE-2022-2820 was published Aug 16, 2022

Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. A... Moderate Unreviewed

CVE-2022-33927 was published Aug 11, 2022

Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log... High Unreviewed

CVE-2022-34536 was published Jul 20, 2022

Session fixation vulnerability in access control management in Synology Photo Station before 6.8... High Unreviewed

CVE-2022-22681 was published Jul 7, 2022

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly... High Unreviewed

CVE-2020-25198 was published May 24, 2022

SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or... High Unreviewed

CVE-2020-15909 was published May 24, 2022

As of v1.5.0, the Argo web interface authentication system issued immutable tokens.... Moderate Unreviewed

CVE-2020-8826 was published May 24, 2022

Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT... High Unreviewed

CVE-2020-5645 was published May 24, 2022

Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) with firmware before FW1.17... Critical Unreviewed

CVE-2016-10405 was published May 24, 2022

An issue was discovered in Barrier before 2.4.0. An attacker can enter an active session state... High Unreviewed

CVE-2021-42073 was published May 24, 2022

** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), the Web... Critical Unreviewed

CVE-2021-41553 was published May 24, 2022

Session fixation on password protected public links in the ownCloud Server before 10.8.0 allows... Moderate Unreviewed

CVE-2021-35948 was published May 24, 2022

Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git... Moderate Unreviewed

CVE-2021-22237 was published May 24, 2022

Certain NetModule devices allow Limited Session Fixation via PHPSESSID. These models with... Critical Unreviewed

CVE-2021-39290 was published May 24, 2022

A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when... High Unreviewed

CVE-2021-22927 was published May 24, 2022

A session fixation vulnerability was discovered in Ice Hrm 29.0.0 OS which allows an attacker to... Moderate Unreviewed

CVE-2021-35046 was published May 24, 2022

Cubecart 6.4.2 allows Session Fixation. The application does not generate a new session cookie... Moderate Unreviewed

CVE-2021-33394 was published May 24, 2022

In VOS user session identifier (authentication token) is issued to the browser prior to... High Unreviewed

CVE-2018-16495 was published May 24, 2022

The authentication token required to execute NSDP write requests on NETGEAR JGS516PE/GS116Ev2 v2... High Unreviewed

CVE-2020-35229 was published May 24, 2022

Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are... Moderate Unreviewed

CVE-2019-18946 was published May 24, 2022

Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new... Moderate Unreviewed

CVE-2020-35591 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

196 advisories