GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
67 advisories
Filter by severity
A vulnerability classified as problematic has been found in PHPGurukul Boat Booking System 1.0....
Moderate
Unreviewed
CVE-2024-10158
was published
Oct 20, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2)....
Moderate
Unreviewed
CVE-2024-42345
was published
Sep 10, 2024
IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could...
Moderate
Unreviewed
CVE-2023-38018
was published
Aug 12, 2024
IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or...
Moderate
Unreviewed
CVE-2023-38002
was published
Apr 30, 2024
A vulnerability was found in Bdtask Wholesale Inventory Management System up to 20240311. It has...
Moderate
Unreviewed
CVE-2024-2639
was published
Mar 19, 2024
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable...
Moderate
Unreviewed
CVE-2024-22318
was published
Feb 9, 2024
IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an...
Moderate
Unreviewed
CVE-2023-50941
was published
Feb 2, 2024
An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID...
Moderate
Unreviewed
CVE-2023-50920
was published
Jan 12, 2024
Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken...
Moderate
Unreviewed
CVE-2023-5309
was published
Nov 7, 2023
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1.
Moderate
Unreviewed
CVE-2023-4649
was published
Aug 31, 2023
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1.
Moderate
Unreviewed
CVE-2023-3394
was published
Jun 23, 2023
An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6,...
Moderate
Unreviewed
CVE-2023-1265
was published
May 3, 2023
A vulnerability, which was classified as critical, has been found in kassi xingwall. This issue...
Moderate
Unreviewed
CVE-2014-125048
was published
Jan 6, 2023
A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise...
Moderate
Unreviewed
CVE-2022-43529
was published
Jan 5, 2023
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0...
Moderate
Unreviewed
CVE-2022-38628
was published
Dec 13, 2022
An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user...
Moderate
Unreviewed
CVE-2022-44788
was published
Nov 22, 2022
Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie...
Moderate
Unreviewed
CVE-2022-30769
was published
Nov 16, 2022
IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could...
Moderate
Unreviewed
CVE-2022-34334
was published
Oct 11, 2022
Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. A...
Moderate
Unreviewed
CVE-2022-33927
was published
Aug 11, 2022
As of v1.5.0, the Argo web interface authentication system issued immutable tokens....
Moderate
Unreviewed
CVE-2020-8826
was published
May 24, 2022
Session fixation on password protected public links in the ownCloud Server before 10.8.0 allows...
Moderate
Unreviewed
CVE-2021-35948
was published
May 24, 2022
Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git...
Moderate
Unreviewed
CVE-2021-22237
was published
May 24, 2022
A session fixation vulnerability was discovered in Ice Hrm 29.0.0 OS which allows an attacker to...
Moderate
Unreviewed
CVE-2021-35046
was published
May 24, 2022
Cubecart 6.4.2 allows Session Fixation. The application does not generate a new session cookie...
Moderate
Unreviewed
CVE-2021-33394
was published
May 24, 2022
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are...
Moderate
Unreviewed
CVE-2019-18946
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API