Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

310 advisories

Loading
Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration... Critical Unreviewed
CVE-2021-36330 was published Dec 1, 2021
Mahavitaran android application 7.50 and prior are affected by account takeover due to improper... Critical Unreviewed
CVE-2020-27416 was published Dec 9, 2021
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an... High Unreviewed
CVE-2018-0152 was published May 13, 2022
Exploitation of session variables, resource IDs and other trusted credentials vulnerability in... Moderate Unreviewed
CVE-2017-3966 was published May 13, 2022
The Milwaukee ONE-KEY Android mobile application uses bearer tokens with an expiration of one... Moderate Unreviewed
CVE-2017-3215 was published May 13, 2022
An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller... Moderate Unreviewed
CVE-2017-14007 was published May 13, 2022
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive... Low Unreviewed
CVE-2016-0234 was published May 13, 2022
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to... Moderate Unreviewed
CVE-2017-1000131 was published May 13, 2022
OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote... High Unreviewed
CVE-2017-11667 was published May 13, 2022
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2... Moderate Unreviewed
CVE-2019-4072 was published May 24, 2022
"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout... Moderate Unreviewed
CVE-2022-40230 was published Nov 4, 2022
A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded)... Moderate Unreviewed
CVE-2018-7758 was published May 14, 2022
Philips ISCV application prior to version 2.3.0 has an insufficient session expiration... Moderate Unreviewed
CVE-2018-5438 was published May 14, 2022
Improper administrator IP validation after his login in the HTTPd server in all current versions ... High Unreviewed
CVE-2017-15653 was published May 14, 2022
IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to... Moderate Unreviewed
CVE-2017-1693 was published May 14, 2022
iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and... High Unreviewed
CVE-2017-6145 was published May 17, 2022
Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are... Moderate Unreviewed
CVE-2017-1000136 was published May 17, 2022
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are... Moderate Unreviewed
CVE-2017-1000135 was published May 17, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session... Moderate Unreviewed
CVE-2022-22371 was published Jan 5, 2023
In Cloud Controller versions prior to 1.46.0, cf-deployment versions prior to 1.3.0, and cf... High Unreviewed
CVE-2018-1195 was published May 13, 2022
An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware... Critical Unreviewed
CVE-2021-35034 was published Dec 30, 2021
An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8... High Unreviewed
CVE-2021-45885 was published Dec 30, 2021
In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through... Critical Unreviewed
CVE-2021-25981 was published Jan 4, 2022
Insufficient Session Expiration in shopware Low
CVE-2022-21652 was published for shopware/shopware (Composer) Jan 6, 2022
In Mattermost Focalboard, versions prior to v0.7.5, v0.8.4, v0.9.5, v0.10.1 and v0.11.0-rc1; as... Critical Unreviewed
CVE-2022-22122 was published Jan 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database