GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,217
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,288
npm 3,767
NuGet 680
pip 3,454
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,581

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

212 advisories

Filter by severity

Sort by

Least recently updated

Session Hijack vulnerability in Deprecated VMware Enhanced Authentication Plug-in could allow a... High Unreviewed

CVE-2024-22250 was published Feb 20, 2024

Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive... Low Unreviewed

CVE-2023-45718 was published Feb 10, 2024

IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable... Moderate Unreviewed

CVE-2024-22318 was published Feb 9, 2024

IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an... Moderate Unreviewed

CVE-2023-50941 was published Feb 2, 2024

An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum... High Unreviewed

CVE-2023-52353 was published Jan 22, 2024

An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID... Moderate Unreviewed

CVE-2023-50920 was published Jan 12, 2024

A vulnerability classified as problematic has been found in SourceCodester Engineers Online... Low Unreviewed

CVE-2024-0351 was published Jan 10, 2024

A session hijacking vulnerability has been detected in the Imou Life application affecting... High Unreviewed

CVE-2023-6913 was published Dec 19, 2023

Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to... Critical Unreviewed

CVE-2023-48929 was published Dec 8, 2023

Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken... Moderate Unreviewed

CVE-2023-5309 was published Nov 7, 2023

Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being... Critical Unreviewed

CVE-2023-0897 was published Oct 26, 2023

A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on... High Unreviewed

CVE-2023-45687 was published Oct 16, 2023

Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain... Critical Unreviewed

CVE-2023-42322 was published Sep 20, 2023

Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows... High Unreviewed

CVE-2023-3711 was published Sep 12, 2023

An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a... Critical Unreviewed

CVE-2023-41012 was published Sep 5, 2023

Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1. Moderate Unreviewed

CVE-2023-4649 was published Aug 31, 2023

In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC... Moderate Unreviewed

CVE-2023-24477 was published Aug 9, 2023

In visitUris of RemoteViews.java, there is a possible leak of images between users due to a... Moderate Unreviewed

CVE-2023-21238 was published Jul 13, 2023

In visitUris of Notification.java, there is a possible way to leak image data across user... Moderate Unreviewed

CVE-2023-21239 was published Jul 13, 2023

An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video... High Unreviewed

CVE-2023-34656 was published Jun 29, 2023

Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1. Moderate Unreviewed

CVE-2023-3394 was published Jun 23, 2023

Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful... Moderate Unreviewed

CVE-2023-34156 was published Jun 19, 2023

Some access control products are vulnerable to a session hijacking attack because the product... High Unreviewed

CVE-2023-28809 was published Jun 15, 2023

A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows... Critical Unreviewed

CVE-2023-31498 was published May 11, 2023

A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat... Critical Unreviewed

CVE-2023-28316 was published May 10, 2023

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

212 advisories