Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

29 advisories

Loading
Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking... Critical Unreviewed
CVE-2024-8643 was published Sep 27, 2024
Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being... Critical Unreviewed
CVE-2023-0897 was published Oct 26, 2023
Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain... Critical Unreviewed
CVE-2023-42322 was published Sep 20, 2023
An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a... Critical Unreviewed
CVE-2023-41012 was published Sep 5, 2023
A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat... Critical Unreviewed
CVE-2023-28316 was published May 10, 2023
clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via... Critical Unreviewed
CVE-2019-18418 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), the Web... Critical Unreviewed
CVE-2021-41553 was published May 24, 2022
Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to... Critical Unreviewed
CVE-2023-48929 was published Dec 8, 2023
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows... Critical Unreviewed
CVE-2023-31498 was published May 11, 2023
Certain NetModule devices allow Limited Session Fixation via PHPSESSID. These models with... Critical Unreviewed
CVE-2021-39290 was published May 24, 2022
TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable... Critical Unreviewed
CVE-2022-22922 was published Feb 19, 2022
A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb... Critical Unreviewed
CVE-2021-42761 was published Feb 16, 2023
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the... Critical Unreviewed
CVE-2021-20151 was published Dec 31, 2021
/bin/login.php in the Web Panel on the Airtame HDMI dongle with firmware before 3.0 allows an... Critical Unreviewed
CVE-2017-15304 was published May 17, 2022
VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of... Critical Unreviewed
CVE-2018-6959 was published May 14, 2022
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel... Critical Unreviewed
CVE-2018-11714 was published May 14, 2022
The application was vulnerable to a session fixation that could be used hijack accounts. Critical Unreviewed
CVE-2022-40293 was published Nov 1, 2022
Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as... Critical Unreviewed
CVE-2018-18925 was published May 14, 2022
DbNinja 3.2.7 allows session fixation via the data.php sessid parameter. Critical Unreviewed
CVE-2019-7747 was published May 14, 2022
VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote... Critical Unreviewed
CVE-2019-5523 was published May 14, 2022
Session fixation vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack web... Critical Unreviewed
CVE-2017-12965 was published May 14, 2022
Session cookies are not used for maintaining valid sessions in iTrack Easy. The user's password... Critical Unreviewed
CVE-2016-6545 was published May 13, 2022
Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session... Critical Unreviewed
CVE-2016-9125 was published May 13, 2022
Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM)... Critical Unreviewed
CVE-2017-3968 was published May 13, 2022
VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious... Critical Unreviewed
CVE-2022-31689 was published Nov 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database