Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,964
Erlang
29
GitHub Actions
16
Go
1,746
Maven
4,974
npm
3,507
NuGet
609
pip
3,071
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

263 advisories

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise... Moderate Unreviewed
CVE-2022-43529 was published Jan 5, 2023
Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 and... Critical Unreviewed
CVE-2015-1174 was published May 17, 2022
IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an... High Unreviewed
CVE-2016-9981 was published May 17, 2022
Wind River VxWorks 6.5 through 6.9 and vx7 has Session Fixation in the TCP component. This is a... High Unreviewed
CVE-2019-12258 was published May 24, 2022
Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to... High Unreviewed
CVE-2010-1434 was published Apr 21, 2022
A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface... High Unreviewed
CVE-2020-25152 was published Apr 15, 2022
A flaw was found in WildFly Elytron. A variation to the use of a session fixation exploit when... Moderate Unreviewed
CVE-2021-20324 was published Apr 19, 2022
Session fixation vulnerability in Jenkins OpenID Plugin High
CVE-2023-24444 was published for org.jenkins-ci.plugins:openid (Maven) Jan 26, 2023
Session fixation Moderate
CVE-2020-5205 was published for pow (Erlang) Apr 12, 2022
Improper Authentication in org.keycloak:keycloak-core High
CVE-2016-8609 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Insufficient Session Expiration in Kiali High
CVE-2020-1762 was published for github.com/kiali/kiali (Go) May 18, 2021
Access and integrity issue within Eclipse Jetty High
CVE-2018-12538 was published for org.eclipse.jetty:jetty-server (Maven) Oct 16, 2018
Session Fixation in Tryton Moderate
CVE-2018-19443 was published for tryton (pip) Nov 29, 2018
ProTip! Advisories are also available from the GraphQL API