GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,241
Erlang
31
GitHub Actions
21
Go
2,010
Maven
5,000+
npm
3,718
NuGet
662
pip
3,389
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
61 advisories
Filter by severity
An issue in sbondCo Watcharr v.1.43.0 allows a remote attacker to execute arbitrary code and...
High
Unreviewed
CVE-2024-48827
was published
Oct 11, 2024
Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an...
High
Unreviewed
CVE-2019-5638
was published
May 24, 2022
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to...
High
Unreviewed
CVE-2023-51772
was published
Dec 25, 2023
The Central Manager user session refresh token does not expire when a user logs out. Note:...
High
Unreviewed
CVE-2024-39809
was published
Aug 14, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High
Unreviewed
CVE-2024-35206
was published
Jun 11, 2024
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or...
High
Unreviewed
CVE-2024-41827
was published
Jul 22, 2024
Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0...
High
Unreviewed
CVE-2024-27782
was published
Jul 9, 2024
KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1...
High
Unreviewed
CVE-2024-36041
was published
Jul 5, 2024
An issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID...
High
Unreviewed
CVE-2024-35050
was published
May 14, 2024
By sending specific queries to the resolver, an attacker can cause named to crash.
High
Unreviewed
CVE-2022-3080
was published
Sep 22, 2022
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The...
High
Unreviewed
CVE-2024-5995
was published
Jun 14, 2024
An arithmetic overflow flaw was found in Satellite when creating a new personal access token....
High
Unreviewed
CVE-2023-4320
was published
Dec 30, 2023
A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows...
High
Unreviewed
CVE-2023-33303
was published
Oct 13, 2023
When a non-admin user has been assigned an administrator role via an iControl REST PUT request...
High
Unreviewed
CVE-2023-42768
was published
Oct 10, 2023
An authenticated user's session cookie may remain valid for a limited time after logging out...
High
Unreviewed
CVE-2023-40537
was published
Oct 10, 2023
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session...
High
Unreviewed
CVE-2023-37570
was published
Aug 8, 2023
IBM Security Guardium 11.5 could allow a user to take over another user's session due to...
High
Unreviewed
CVE-2023-0041
was published
Jun 5, 2023
An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater...
High
Unreviewed
CVE-2023-30403
was published
May 2, 2023
A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an attacker...
High
Unreviewed
CVE-2023-28003
was published
Apr 18, 2023
cPanel before 82.0.15 allows API token credentials to persist after an account has been renamed...
High
Unreviewed
CVE-2019-17375
was published
May 24, 2022
Insufficient session timeout vulnerability in the FAST3686 V2 Vodafone router from Sagemcom. This...
High
Unreviewed
CVE-2024-1623
was published
Mar 14, 2024
When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the...
High
Unreviewed
CVE-2024-22389
was published
Feb 14, 2024
An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control...
High
Unreviewed
CVE-2023-49935
was published
Dec 14, 2023
Improper Access Control in GitHub repository namelessmc/nameless prior to v2.0.2.
High
Unreviewed
CVE-2022-2820
was published
Aug 16, 2022
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the...
High
Unreviewed
CVE-2022-0996
was published
Mar 24, 2022
ProTip!
Advisories are also available from the
GraphQL API