GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
273 advisories
An issue was discovered in WonderCMS before 2.5.2. An attacker can create a new session on a web...
High | Unreviewed | CVE-2018-14387 was published May 14, 2022

Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at...
High | Unreviewed | CVE-2018-11474 was published May 14, 2022

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel...
Critical | Unreviewed | CVE-2018-11714 was published May 14, 2022

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
High | Unreviewed | CVE-2017-18125 was published May 14, 2022

Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1...
High | Unreviewed | CVE-2018-11475 was published May 14, 2022

An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. The admin login session...
High | Unreviewed | CVE-2018-10252 was published May 14, 2022

In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the...
Moderate | Unreviewed | CVE-2018-1148 was published May 14, 2022

Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session...
High | Unreviewed | CVE-2013-2049 was published May 14, 2022

Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3...
High | Unreviewed | CVE-2018-0564 was published May 14, 2022

VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of...
Critical | Unreviewed | CVE-2018-6959 was published May 14, 2022

Apache IoTDB Session Fixation vulnerability
High | CVE-2022-38369 was published for apache-iotdb (Maven) Sep 6, 2022

A Session Fixation Vulnerability exists in the MT4 Networks SenhaSegura Web Application 2.2.23.8...
High | Unreviewed | CVE-2017-11562 was published May 14, 2022

IBM Security Guardium 10.0 does not renew a session variable after a successful authentication...
Low | Unreviewed | CVE-2017-1270 was published May 14, 2022

Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware...
Moderate | Unreviewed | CVE-2017-10890 was published May 17, 2022

Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to prevent session IDs from...
High | Unreviewed | CVE-2017-1000150 was published May 17, 2022

/bin/login.php in the Web Panel on the Airtame HDMI dongle with firmware before 3.0 allows an...
Critical | Unreviewed | CVE-2017-15304 was published May 17, 2022

** DISPUTED ** FreeIPA 4.x with API version 2.213 allows a remote authenticated users to bypass...
High | Unreviewed | CVE-2017-11191 was published May 17, 2022

IBM Sterling Partner Engagement Manager 2.0 does not invalidate session after logout which could...
Moderate | Unreviewed | CVE-2022-34334 was published Oct 11, 2022

A vulnerability has been identified in SICAM P850 (All versions < V3.10), SICAM P850 (All...
High | Unreviewed | CVE-2022-40226 was published Oct 11, 2022

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the...
Critical | Unreviewed | CVE-2021-20151 was published Dec 31, 2021

Session fixation vulnerability in IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7...
Moderate | Unreviewed | CVE-2014-4789 was published May 17, 2022

DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An...
High | Unreviewed | CVE-2022-22551 was published Jan 22, 2022

An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user...
Moderate | Unreviewed | CVE-2022-44788 was published Nov 22, 2022

IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session...
High | Unreviewed | CVE-2021-39066 was published Feb 3, 2022
ProTip! Advisories are also available from the GraphQL API.