GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,527

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

196 advisories

Filter by severity

Sort by

Least recently updated

A flaw was found in WildFly Elytron. A variation to the use of a session fixation exploit when... Moderate Unreviewed

CVE-2021-20324 was published Apr 19, 2022

A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface... High Unreviewed

CVE-2020-25152 was published Apr 15, 2022

Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to... High Unreviewed

CVE-2010-1434 was published Apr 21, 2022

Wind River VxWorks 6.5 through 6.9 and vx7 has Session Fixation in the TCP component. This is a... High Unreviewed

CVE-2019-12258 was published May 24, 2022

IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an... High Unreviewed

CVE-2016-9981 was published May 17, 2022

Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 and... Critical Unreviewed

CVE-2015-1174 was published May 17, 2022

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise... Moderate Unreviewed

CVE-2022-43529 was published Jan 5, 2023

Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an... Moderate Unreviewed

CVE-2017-0892 was published May 13, 2022

Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform... Moderate Unreviewed

CVE-2017-2145 was published May 17, 2022

IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could... Low Unreviewed

CVE-2016-9703 was published May 17, 2022

Session fixation vulnerability in access control management in Synology Photo Station before 6.8... High Unreviewed

CVE-2022-22681 was published Jul 7, 2022

Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9... High Unreviewed

CVE-2017-4014 was published May 17, 2022

Tivoli Storage Manager Operations Center could allow a local user to take over a previously... High Unreviewed

CVE-2016-6043 was published May 17, 2022

IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user... Moderate Unreviewed

CVE-2016-6040 was published May 17, 2022

IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with... Moderate Unreviewed

CVE-2017-1152 was published May 17, 2022

In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310. High Unreviewed

CVE-2017-6412 was published May 17, 2022

Session fixation vulnerability in the forgot password mechanism in Revive Adserver before 4.0.1,... Moderate Unreviewed

CVE-2017-5831 was published May 17, 2022

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,... Moderate Unreviewed

CVE-2017-5141 was published May 17, 2022

Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack... High Unreviewed

CVE-2016-10205 was published May 17, 2022

Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log... High Unreviewed

CVE-2022-34536 was published Jul 20, 2022

This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200... Critical Unreviewed

CVE-2022-40630 was published Sep 25, 2022

IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security... Moderate Unreviewed

CVE-2019-4304 was published May 24, 2022

IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners... High Unreviewed

CVE-2019-4227 was published May 24, 2022

Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie... Moderate Unreviewed

CVE-2022-30769 was published Nov 16, 2022

A vulnerability, which was classified as critical, has been found in kassi xingwall. This issue... Moderate Unreviewed

CVE-2014-125048 was published Jan 6, 2023

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

196 advisories