GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
216 advisories
NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ...
Moderate | Unreviewed | CVE-2022-30698 was published Aug 2, 2022
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the ...
Moderate | Unreviewed | CVE-2022-30699 was published Aug 2, 2022
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S ...
High | Unreviewed | CVE-2022-33137 was published Jul 13, 2022
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout...
Critical | Unreviewed | CVE-2022-22317 was published Jun 21, 2022
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout...
Critical | Unreviewed | CVE-2022-22318 was published Jun 21, 2022
** DISPUTED ** A vulnerability has been found in Microsoft O365 and classified as critical. The...
High | Unreviewed | CVE-2022-2076 was published Jun 15, 2022
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration...
Moderate | Unreviewed | CVE-2022-30277 was published Jun 3, 2022
In “Orchard core CMS” application, versions 1.0.0-beta1-3383 to 1.0.0 are vulnerable to an...
High | Unreviewed | CVE-2021-25966 was published May 24, 2022
In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack...
High | Unreviewed | CVE-2021-33322 was published May 24, 2022
In ArangoDB, versions v3.7.6 through v3.8.3 are vulnerable to Insufficient Session Expiration....
High | Unreviewed | CVE-2021-25940 was published May 24, 2022
In Factor (App Framework & Headless CMS) v1.0.4 to v1.8.30, improperly invalidate a user’s...
Critical | Unreviewed | CVE-2021-25985 was published May 24, 2022
A vulnerability in the web-based management interface of multiple Cisco Small Business Series...
High | Unreviewed | CVE-2021-34739 was published May 24, 2022
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, the account associated with a web...
Critical | Unreviewed | CVE-2021-40849 was published May 24, 2022
IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to...
Moderate | Unreviewed | CVE-2021-29868 was published May 24, 2022
The vulnerability can be described as a failure to invalidate user session upon password change....
Moderate | Unreviewed | CVE-2021-35214 was published May 24, 2022
IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session...
Moderate | Unreviewed | CVE-2021-20473 was published May 24, 2022
An insufficient session expiration vulnerability [CWE-613] in FortiClientEMS versions 6.4.2 and...
Critical | Unreviewed | CVE-2021-24019 was published May 24, 2022
Laravel Booking System Booking Core 2.0 is vulnerable to Session Management. A password change at...
Critical | Unreviewed | CVE-2021-37333 was published May 24, 2022
The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an...
Critical | Unreviewed | CVE-2021-38823 was published May 24, 2022
An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may...
Moderate | Unreviewed | CVE-2020-29012 was published May 24, 2022
An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3...
High | Unreviewed | CVE-2021-33982 was published May 24, 2022
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to...
High | Unreviewed | CVE-2021-39113 was published May 24, 2022
The useradm service 1.14.0 (in Northern.tech Mender Enterprise 2.7.x before 2.7.1) and 1.13.0 (in...
High | Unreviewed | CVE-2021-35342 was published May 24, 2022
Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor...
High | Unreviewed | CVE-2021-37156 was published May 24, 2022
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after...
Moderate | Unreviewed | CVE-2021-20431 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.