Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

216 advisories

Loading
An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater... High Unreviewed
CVE-2023-30403 was published May 2, 2023
A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an attacker... High Unreviewed
CVE-2023-28003 was published Apr 18, 2023
In LemonLDAP::NG before 2.0.15. some sessions are not deleted when they are supposed to be... Moderate Unreviewed
CVE-2022-37186 was published Apr 16, 2023
A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate... Critical Unreviewed
CVE-2023-1854 was published Apr 5, 2023
This disclosure regards a vulnerability related to UAA refresh tokens and external identity... Moderate Unreviewed
CVE-2023-20903 was published Mar 28, 2023
Rapid7 InsightVM suffers from insufficient session expiration when an administrator performs a... Moderate Unreviewed
CVE-2021-3844 was published Mar 24, 2023
IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user... Low Unreviewed
CVE-2023-22591 was published Mar 15, 2023
An insufficient session expiration vulnerability exists in the ArubaOS command line interface.... Low Unreviewed
CVE-2023-22771 was published Mar 1, 2023
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10... Critical Unreviewed
CVE-2022-48317 was published Feb 20, 2023
SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration... Moderate Unreviewed
CVE-2022-34392 was published Feb 11, 2023
IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access... High Unreviewed
CVE-2022-43844 was published Jan 5, 2023
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session... Moderate Unreviewed
CVE-2022-22371 was published Jan 5, 2023
IBM DataPower Gateway 10.0.3.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.9, 2018.4.1.0 through... Moderate Unreviewed
CVE-2022-40228 was published Nov 22, 2022
Fusiondirectory 1.3 suffers from Improper Session Handling. Critical Unreviewed
CVE-2022-36179 was published Nov 22, 2022
"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout... Moderate Unreviewed
CVE-2022-40230 was published Nov 4, 2022
In affected versions of Octopus Server it is possible for a session token to be valid... Critical Unreviewed
CVE-2022-2782 was published Oct 27, 2022
Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom... Critical Unreviewed
CVE-2021-46279 was published Oct 24, 2022
devhub 0.102.0 was discovered to contain a broken session control. Moderate Unreviewed
CVE-2022-41542 was published Oct 17, 2022
IBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow... Moderate Unreviewed
CVE-2022-41291 was published Oct 7, 2022
In affected versions of Octopus Server it was identified that a session cookie could be used as... Moderate Unreviewed
CVE-2022-2783 was published Oct 6, 2022
By sending specific queries to the resolver, an attacker can cause named to crash. High Unreviewed
CVE-2022-3080 was published Sep 22, 2022
Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has... Moderate Unreviewed
CVE-2019-5641 was published Sep 22, 2022
Mealie1.0.0beta3 does not terminate download tokens after a user logs out, allowing attackers to... Moderate Unreviewed
CVE-2022-34624 was published Aug 20, 2022
Improper Access Control in GitHub repository namelessmc/nameless prior to v2.0.2. High Unreviewed
CVE-2022-2820 was published Aug 16, 2022
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x... Critical Unreviewed
CVE-2022-35728 was published Aug 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database