Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

232 advisories

Loading
A vulnerability classified as problematic has been found in SourceCodester Engineers Online... Low Unreviewed
CVE-2024-0351 was published Jan 10, 2024
A session hijacking vulnerability has been detected in the Imou Life application affecting... High Unreviewed
CVE-2023-6913 was published Dec 19, 2023
Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to... Critical Unreviewed
CVE-2023-48929 was published Dec 8, 2023
Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken... Moderate Unreviewed
CVE-2023-5309 was published Nov 7, 2023
Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being... Critical Unreviewed
CVE-2023-0897 was published Oct 26, 2023
A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on... High Unreviewed
CVE-2023-45687 was published Oct 16, 2023
Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain... Critical Unreviewed
CVE-2023-42322 was published Sep 20, 2023
Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows... High Unreviewed
CVE-2023-3711 was published Sep 12, 2023
An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a... Critical Unreviewed
CVE-2023-41012 was published Sep 5, 2023
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1. Moderate Unreviewed
CVE-2023-4649 was published Aug 31, 2023
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC... Moderate Unreviewed
CVE-2023-24477 was published Aug 9, 2023
In visitUris of RemoteViews.java, there is a possible leak of images between users due to a... Moderate Unreviewed
CVE-2023-21238 was published Jul 13, 2023
In visitUris of Notification.java, there is a possible way to leak image data across user... Moderate Unreviewed
CVE-2023-21239 was published Jul 13, 2023
An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video... High Unreviewed
CVE-2023-34656 was published Jun 29, 2023
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1. Moderate Unreviewed
CVE-2023-3394 was published Jun 23, 2023
Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful... Moderate Unreviewed
CVE-2023-34156 was published Jun 19, 2023
Some access control products are vulnerable to a session hijacking attack because the product... High Unreviewed
CVE-2023-28809 was published Jun 15, 2023
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows... Critical Unreviewed
CVE-2023-31498 was published May 11, 2023
A security vulnerability has been discovered in the implementation of 2FA on the rocket.chat... Critical Unreviewed
CVE-2023-28316 was published May 10, 2023
A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to... High Unreviewed
CVE-2023-30056 was published May 9, 2023
An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6,... Moderate Unreviewed
CVE-2023-1265 was published May 3, 2023
OXID eShop 6.2.x before 6.4.4 and 6.5.x before 6.5.2 allows session hijacking, leading to partial... Moderate Unreviewed
CVE-2023-26260 was published Apr 11, 2023
Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2. High Unreviewed
CVE-2022-31888 was published Apr 6, 2023
A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb... Critical Unreviewed
CVE-2021-42761 was published Feb 16, 2023
Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297... High Unreviewed
CVE-2021-29368 was published Jan 20, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database