GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,217
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,288
npm 3,767
NuGet 680
pip 3,454
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,581

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

212 advisories

Filter by severity

Sort by

Least recently updated

A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to... High Unreviewed

CVE-2023-30056 was published May 9, 2023

An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6,... Moderate Unreviewed

CVE-2023-1265 was published May 3, 2023

Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2. High Unreviewed

CVE-2022-31888 was published Apr 6, 2023

A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb... Critical Unreviewed

CVE-2021-42761 was published Feb 16, 2023

Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297... High Unreviewed

CVE-2021-29368 was published Jan 20, 2023

A vulnerability, which was classified as critical, has been found in kassi xingwall. This issue... Moderate Unreviewed

CVE-2014-125048 was published Jan 6, 2023

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise... Moderate Unreviewed

CVE-2022-43529 was published Jan 5, 2023

An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due to errors in session... High Unreviewed

CVE-2022-44017 was published Dec 25, 2022

An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could... High Unreviewed

CVE-2020-15679 was published Dec 22, 2022

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0... Moderate Unreviewed

CVE-2022-38628 was published Dec 13, 2022

An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user... Moderate Unreviewed

CVE-2022-44788 was published Nov 22, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to an unsafe implementation of... High Unreviewed

CVE-2022-44007 was published Nov 17, 2022

Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie... Moderate Unreviewed

CVE-2022-30769 was published Nov 16, 2022

VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious... Critical Unreviewed

CVE-2022-31689 was published Nov 10, 2022

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER... High Unreviewed

CVE-2022-43398 was published Nov 8, 2022

The application was vulnerable to a session fixation that could be used hijack accounts. Critical Unreviewed

CVE-2022-40293 was published Nov 1, 2022

IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could... Moderate Unreviewed

CVE-2022-34334 was published Oct 11, 2022

A vulnerability has been identified in SICAM P850 (All versions < V3.10), SICAM P850 (All... High Unreviewed

CVE-2022-40226 was published Oct 11, 2022

This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200... Critical Unreviewed

CVE-2022-40630 was published Sep 25, 2022

A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6... High Unreviewed

CVE-2022-30605 was published Aug 23, 2022

Improper Access Control in GitHub repository namelessmc/nameless prior to v2.0.2. High Unreviewed

CVE-2022-2820 was published Aug 16, 2022

Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. A... Moderate Unreviewed

CVE-2022-33927 was published Aug 11, 2022

Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log... High Unreviewed

CVE-2022-34536 was published Jul 20, 2022

Session fixation vulnerability in access control management in Synology Photo Station before 6.8... High Unreviewed

CVE-2022-22681 was published Jul 7, 2022

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly... High Unreviewed

CVE-2020-25198 was published May 24, 2022

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

212 advisories