GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
183 advisories
IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or...
Moderate
Unreviewed
CVE-2023-38002 was published Apr 30, 2024
A vulnerability was found in Bdtask Wholesale Inventory Management System up to 20240311. It has...
Moderate
Unreviewed
CVE-2024-2639 was published Mar 19, 2024
Session Hijack vulnerability in Deprecated VMware Enhanced Authentication Plug-in could allow a...
High
Unreviewed
CVE-2024-22250 was published Feb 20, 2024
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable...
Moderate
Unreviewed
CVE-2024-22318 was published Feb 9, 2024
IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an...
Moderate
Unreviewed
CVE-2023-50941 was published Feb 2, 2024
An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum...
High
Unreviewed
CVE-2023-52353 was published Jan 22, 2024
An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID...
Moderate
Unreviewed
CVE-2023-50920 was published Jan 12, 2024
A vulnerability classified as problematic has been found in SourceCodester Engineers Online...
Low
Unreviewed
CVE-2024-0351 was published Jan 10, 2024
A session hijacking vulnerability has been detected in the Imou Life application affecting...
High
Unreviewed
CVE-2023-6913 was published Dec 19, 2023
Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to...
Critical
Unreviewed
CVE-2023-48929 was published Dec 8, 2023
Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken...
Moderate
Unreviewed
CVE-2023-5309 was published Nov 7, 2023
Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being...
Critical
Unreviewed
CVE-2023-0897 was published Oct 26, 2023
A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on...
High
Unreviewed
CVE-2023-45687 was published Oct 16, 2023
Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain...
Critical
Unreviewed
CVE-2023-42322 was published Sep 20, 2023
Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows...
High
Unreviewed
CVE-2023-3711 was published Sep 12, 2023
An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a...
Critical
Unreviewed
CVE-2023-41012 was published Sep 5, 2023
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1.
Moderate
Unreviewed
CVE-2023-4649 was published Aug 31, 2023
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC...
High
Unreviewed
CVE-2023-24477 was published Aug 9, 2023
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1.
Moderate
Unreviewed
CVE-2023-3394 was published Jun 23, 2023
Some access control products are vulnerable to a session hijacking attack because the product...
High
Unreviewed
CVE-2023-28809 was published Jun 15, 2023
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows...
Critical
Unreviewed
CVE-2023-31498 was published May 11, 2023
A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat...
Critical
Unreviewed
CVE-2023-28316 was published May 10, 2023
A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to...
High
Unreviewed
CVE-2023-30056 was published May 9, 2023
An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6,...
Moderate
Unreviewed
CVE-2023-1265 was published May 3, 2023
Session Fixation vulnerability in function login in class.auth.php in osTicket through 1.16.2.
High
Unreviewed
CVE-2022-31888 was published Apr 6, 2023