GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
128 advisories
Filter by severity
Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session...
Moderate
Unreviewed
CVE-2024-25954
was published
Mar 28, 2024
A CWE-613 “Insufficient Session Expiration” vulnerability in the web application, due to the...
Moderate
Unreviewed
CVE-2023-45600
was published
Mar 5, 2024
The MFA management features did not properly terminate existing user sessions when a user's MFA...
Moderate
Unreviewed
CVE-2024-21722
was published
Feb 29, 2024
An issue was discovered in Linksys Router E1700 1.0.04 (build 3), allows authenticated attackers...
Moderate
Unreviewed
CVE-2024-22543
was published
Feb 27, 2024
Session Fixation Apache DolphinScheduler
Moderate
CVE-2023-50270
was published
for
org.apache.dolphinscheduler:dolphinscheduler
(Maven)
Feb 20, 2024
Insufficient Session Expiration in github.com/greenpau/caddy-security
Moderate
CVE-2024-21492
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in...
Moderate
Unreviewed
CVE-2024-0008
was published
Feb 14, 2024
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session...
Moderate
Unreviewed
CVE-2023-45187
was published
Feb 9, 2024
IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an...
Moderate
Unreviewed
CVE-2023-50936
was published
Feb 2, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Engineers...
Moderate
Unreviewed
CVE-2024-0260
was published
Jan 7, 2024
yt-dlp Generic Extractor MITM Vulnerability via Arbitrary Proxy Injection
Moderate
CVE-2023-46121
was published
for
yt-dlp
(pip)
Nov 15, 2023
Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate
Unreviewed
CVE-2023-5889
was published
Nov 1, 2023
Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to...
Moderate
Unreviewed
CVE-2023-39695
was published
Nov 1, 2023
Insufficient Session Expiration in GitHub repository linkstackorg/linkstack prior to v4.2.9.
Moderate
Unreviewed
CVE-2023-5838
was published
Oct 29, 2023
HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate...
Moderate
Unreviewed
CVE-2023-37504
was published
Oct 19, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive...
Moderate
Unreviewed
CVE-2021-20581
was published
Oct 17, 2023
@node-saml/node-saml's validatePostRequestAsync does not include checkTimestampsValidityError
Moderate
CVE-2023-40178
was published
for
@node-saml/node-saml
(npm)
Aug 21, 2023
Admidio Insufficient Session Expiration vulnerability
Moderate
CVE-2023-4190
was published
for
admidio/admidio
(Composer)
Aug 6, 2023
Answer Insufficient Session Expiration vulnerability
Moderate
CVE-2023-4126
was published
for
github.com/answerdev/answer
(Go)
Aug 3, 2023
Mattermost fails to check if an admin user account active after an oauth2 flow is started,...
Moderate
Unreviewed
CVE-2023-2788
was published
Jun 16, 2023
IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which...
Moderate
Unreviewed
CVE-2020-4914
was published
May 5, 2023
IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2022-38707
was published
May 5, 2023
Concrete CMS missing secure cookie parameters
Moderate
CVE-2023-28472
was published
for
concrete5/concrete5
(Composer)
Apr 28, 2023
In LemonLDAP::NG before 2.0.15. some sessions are not deleted when they are supposed to be...
Moderate
Unreviewed
CVE-2022-37186
was published
Apr 16, 2023
Firefly III insufficiently expires sessions
Moderate
CVE-2023-1788
was published
for
grumpydictator/firefly-iii
(Composer)
Apr 5, 2023
ProTip!
Advisories are also available from the
GraphQL API