GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
128 advisories
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 17.4.5, 17...
Moderate, Unreviewed. CVE-2024-11668 was published Nov 26, 2024

Mage AI incorrectly gives privileges to users with deleted accounts
Moderate. CVE-2024-45187 was published for mage-ai (pip) Aug 23, 2024

IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for...
Moderate, Unreviewed. CVE-2024-35160 was published Nov 23, 2024

A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue...
Moderate, Unreviewed. CVE-2024-11208 was published Nov 14, 2024

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate, Unreviewed. CVE-2024-46892 was published Nov 12, 2024

cskefu v7 suffers from Insufficient Session Expiration, which allows attackers to exploit the old...
Moderate, Unreviewed. CVE-2024-29402 was published Apr 17, 2024

IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration....
Moderate, Unreviewed. CVE-2024-46040 was published Oct 7, 2024

The MFA management features did not properly terminate existing user sessions when a user's MFA...
Moderate, Unreviewed. CVE-2024-21722 was published Feb 29, 2024

Umbraco CMS logout page displayed before session expiration
Moderate. CVE-2024-48926 was published for Umbraco.CMS (NuGet) Oct 22, 2024

The logout operation in the CloudStack web interface does not expire the user session completely...
Moderate, Unreviewed. CVE-2024-45462 was published Oct 16, 2024

OctoPrint vulnerable to Insufficient Session Expiration.
Moderate. CVE-2022-2888 was published for OctoPrint (pip) Sep 22, 2022

HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain...
Moderate, Unreviewed. CVE-2024-23586 was published Sep 28, 2024

incomplete JupyterHub logout with simultaneous JupyterLab sessions
Moderate. CVE-2021-41247 was published for jupyterhub (pip) Nov 8, 2021

IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which...
Moderate, Unreviewed. CVE-2024-38315 was published Sep 16, 2024

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2)....
Moderate, Unreviewed. CVE-2024-32006 was published Sep 10, 2024

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in...
Moderate, Unreviewed. CVE-2024-36523 was published Jun 12, 2024

An issue was discovered in Linksys Router E1700 1.0.04 (build 3), allows authenticated attackers...
Moderate, Unreviewed. CVE-2024-22543 was published Feb 27, 2024

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10...
Moderate, Unreviewed. CVE-2022-38382 was published Aug 13, 2024

IBM Aspera Orchestrator 4.0.1 does not invalidate session after a password change which could...
Moderate, Unreviewed. CVE-2023-26288 was published Jul 30, 2024

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 uses...
Moderate, Unreviewed. CVE-2022-32759 was published Jul 25, 2024

Reportico Web fails to invalidate cookies upon logout
Moderate. CVE-2024-31556 was published for reportico-web/reportico (Composer) May 14, 2024

An issue in SurveyKing v1.3.1 allows attackers to execute a session replay attack after a user...
Moderate, Unreviewed. CVE-2024-35048 was published May 14, 2024

Directus Lacks Session Tokens Invalidation
Moderate. CVE-2024-34709 was published for directus (npm) May 13, 2024

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not invalidate session after logout which...
Moderate, Unreviewed. CVE-2023-40695 was published May 3, 2024

Keycloak vulnerable to session hijacking via re-authentication
Moderate. CVE-2023-6787 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024