GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,826
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,122
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,020
Swift 39

Unreviewed advisories

All unreviewed 269,110

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

125 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6... High Unreviewed

CVE-2022-30605 was published Aug 23, 2022

Session Fixation in Apache Zeppelin High

CVE-2017-12619 was published for org.apache.zeppelin:zeppelin (Maven) Apr 24, 2019

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time... High Unreviewed

CVE-2018-17199 was published May 13, 2022

A vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1... High Unreviewed

CVE-2018-6434 was published May 13, 2022

A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to... High Unreviewed

CVE-2018-9026 was published May 13, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. Due to an unsafe implementation of... High Unreviewed

CVE-2022-44007 was published Nov 17, 2022

Session Fixation vulnerability in login.php in Pluck-CMS Pluck 4.7.15 allows an attacker to... High Unreviewed

CVE-2021-31745 was published Dec 11, 2021

In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens... High Unreviewed

CVE-2019-11213 was published May 13, 2022

Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before... High Unreviewed

CVE-2019-0102 was published May 13, 2022

Improper session management when using SAP Cloud Platform 2.0 (Connectivity Service and Cloud... High Unreviewed

CVE-2018-2409 was published May 13, 2022

Improper Session Management in SAP Business Objects, 4.0, from 4.10, from 4.20, 4.30, CMC/BI... High Unreviewed

CVE-2018-2408 was published May 13, 2022

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. When authenticating a user or... High Unreviewed

CVE-2018-8852 was published May 13, 2022

A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000,... High Unreviewed

CVE-2018-5465 was published May 13, 2022

Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a... High Unreviewed

CVE-2018-5385 was published May 13, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not renew a session variable after... High Unreviewed

CVE-2018-1375 was published May 13, 2022

Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens... High Unreviewed

CVE-2018-1127 was published May 13, 2022

An issue was discovered in Mahara before 15.04.14, 16.x before 16.04.8, 16.10.x before 16.10.5,... High Unreviewed

CVE-2017-14163 was published May 13, 2022

Honeywell NVR devices allow remote attackers to create a user account in the admin group by... High Unreviewed

CVE-2017-14263 was published May 13, 2022

An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and... High Unreviewed

CVE-2019-9744 was published May 14, 2022

AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation... High Unreviewed

CVE-2015-5384 was published May 14, 2022

The console login resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before... High Unreviewed

CVE-2017-18105 was published May 14, 2022

Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before... High Unreviewed

CVE-2018-20238 was published May 14, 2022

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the password... High Unreviewed

CVE-2018-9082 was published May 14, 2022

Session fixation exists in ZoneMinder through 1.32.3, as an attacker can fixate his own session... High Unreviewed

CVE-2019-7350 was published May 14, 2022

An issue was discovered in WonderCMS before 2.5.2. An attacker can create a new session on a web... High Unreviewed

CVE-2018-14387 was published May 14, 2022

Previous 12…5 Next

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

125 advisories