Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

42 advisories

Loading
IBM Jazz for Service Management 1.1.3.0 through 1.1.3.24 does not set the secure attribute on... Moderate Unreviewed
CVE-2025-36011 was published Sep 9, 2025
Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the... Critical Unreviewed
CVE-2025-8037 was published Jul 22, 2025
This vulnerability exists in Digisol DG-GR6821AC Router due to misconfiguration of both Secure... High Unreviewed
CVE-2025-53757 was published Jul 16, 2025
The Secure attribute is missing on multiple cookies provided by the MEAC300-FNADE4. An attacker... Moderate Unreviewed
CVE-2025-27450 was published Jul 3, 2025
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens... Moderate Unreviewed
CVE-2025-36026 was published Jun 28, 2025
In phpipam/phpipam version 1.5.1, the Secure attribute for sensitive cookies in HTTPS sessions is... Moderate Unreviewed
CVE-2024-10718 was published Mar 20, 2025
General OpenMRS Security Advisory, January 2025: Penetration Testing Results and Patches Critical
GHSA-vpxm-cr3r-pjp9 was published for org.openmrs.module:addresshierarchy (Maven) Jan 30, 2025
slubwama mseaton
A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking... Moderate Unreviewed
CVE-2025-24390 was published Jan 27, 2025
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does... Moderate Unreviewed
CVE-2024-28771 was published Jan 27, 2025
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does... Moderate Unreviewed
CVE-2024-28770 was published Jan 27, 2025
This vulnerability exists in the CP Plus Router due to insecure handling of cookie flags used... High Unreviewed
CVE-2025-0479 was published Jan 20, 2025
IBM PowerHA SystemMirror for i 7.4 and 7.5 does not set the secure attribute on authorization... Moderate Unreviewed
CVE-2024-55897 was published Jan 4, 2025
HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not... Low Unreviewed
CVE-2024-30142 was published Nov 7, 2024
IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies.... Moderate Unreviewed
CVE-2024-43180 was published Sep 13, 2024
Taipy has a Session Cookie without Secure and HTTPOnly flags Moderate
CVE-2024-47833 was published for taipy (pip) Aug 27, 2024
mbiesiad
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for... Moderate Unreviewed
CVE-2024-41684 was published Jul 26, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on... Moderate Unreviewed
CVE-2024-39734 was published Jul 14, 2024
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session... Moderate Unreviewed
CVE-2023-33860 was published Jul 10, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2024-35211 was published Jun 11, 2024
Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This issue affects Hitachi Ops... High Unreviewed
CVE-2024-2493 was published Apr 23, 2024
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization... Moderate Unreviewed
CVE-2023-46179 was published Mar 15, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3... Moderate Unreviewed
CVE-2023-42016 was published Feb 9, 2024
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as... Low Unreviewed
CVE-2024-0349 was published Jan 10, 2024
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the... Low Unreviewed
CVE-2023-5035 was published Nov 2, 2023
Sensitive cookie in HTTPS session without 'Secure' attribute in thorsten/phpmyfaq Moderate
CVE-2023-5866 was published for thorsten/phpmyfaq (Composer) Oct 31, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database