Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

216 advisories

Loading
A vulnerability was found in Totolink T8 4.1.5cu.833_20220905. It has been rated as problematic.... Low Unreviewed
CVE-2024-0944 was published Jan 26, 2024
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as... Low Unreviewed
CVE-2024-0350 was published Jan 10, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Engineers... Moderate Unreviewed
CVE-2024-0260 was published Jan 7, 2024
An arithmetic overflow flaw was found in Satellite when creating a new personal access token.... High Unreviewed
CVE-2023-4320 was published Dec 30, 2023
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to... High Unreviewed
CVE-2023-51772 was published Dec 25, 2023
An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control... High Unreviewed
CVE-2023-49935 was published Dec 14, 2023
Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Moderate Unreviewed
CVE-2023-5889 was published Nov 1, 2023
Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to... Moderate Unreviewed
CVE-2023-39695 was published Nov 1, 2023
Insufficient Session Expiration in GitHub repository linkstackorg/linkstack prior to v4.2.9. Moderate Unreviewed
CVE-2023-5838 was published Oct 29, 2023
IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than... Critical Unreviewed
CVE-2023-46158 was published Oct 25, 2023
HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate... Moderate Unreviewed
CVE-2023-37504 was published Oct 19, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive... Moderate Unreviewed
CVE-2021-20581 was published Oct 17, 2023
A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows... High Unreviewed
CVE-2023-33303 was published Oct 13, 2023
When a non-admin user has been assigned an administrator role via an iControl REST PUT request... High Unreviewed
CVE-2023-42768 was published Oct 10, 2023
An authenticated user's session cookie may remain valid for a limited time after logging out... High Unreviewed
CVE-2023-40537 was published Oct 10, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile... Low Unreviewed
CVE-2023-40732 was published Sep 14, 2023
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session... High Unreviewed
CVE-2023-37570 was published Aug 8, 2023
Insufficient Session Expiration in GitHub repository fossbilling/fossbilling prior to 0.5.5. Low Unreviewed
CVE-2023-4005 was published Jul 31, 2023
An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an... Critical Unreviewed
CVE-2023-28001 was published Jul 11, 2023
An issue in Ateme Flamingo XL v.3.6.20 and XS v.3.6.5 allows a remote authenticated attacker to... High Unreviewed
CVE-2023-36252 was published Jun 26, 2023
In Siren Investigate before 13.2.2, session keys remain active even after logging out. Critical Unreviewed
CVE-2023-35857 was published Jun 19, 2023
Mattermost fails to check if an admin user account active after an oauth2 flow is started,... Moderate Unreviewed
CVE-2023-2788 was published Jun 16, 2023
IBM Security Guardium 11.5 could allow a user to take over another user's session due to... High Unreviewed
CVE-2023-0041 was published Jun 5, 2023
IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which... Moderate Unreviewed
CVE-2020-4914 was published May 5, 2023
IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information... Moderate Unreviewed
CVE-2022-38707 was published May 5, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database