GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,010
Maven
5,000+
npm
3,719
NuGet
662
pip
3,391
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
61 advisories
Filter by severity
An issue in sbondCo Watcharr v.1.43.0 allows a remote attacker to execute arbitrary code and...
High
Unreviewed
CVE-2024-48827
was published
Oct 11, 2024
The Central Manager user session refresh token does not expire when a user logs out. Note:...
High
Unreviewed
CVE-2024-39809
was published
Aug 14, 2024
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or...
High
Unreviewed
CVE-2024-41827
was published
Jul 22, 2024
Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0...
High
Unreviewed
CVE-2024-27782
was published
Jul 9, 2024
KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1...
High
Unreviewed
CVE-2024-36041
was published
Jul 5, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The...
High
Unreviewed
CVE-2024-5995
was published
Jun 14, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High
Unreviewed
CVE-2024-35206
was published
Jun 11, 2024
An issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID...
High
Unreviewed
CVE-2024-35050
was published
May 14, 2024
Insufficient session timeout vulnerability in the FAST3686 V2 Vodafone router from Sagemcom. This...
High
Unreviewed
CVE-2024-1623
was published
Mar 14, 2024
When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the...
High
Unreviewed
CVE-2024-22389
was published
Feb 14, 2024
An arithmetic overflow flaw was found in Satellite when creating a new personal access token....
High
Unreviewed
CVE-2023-4320
was published
Dec 30, 2023
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to...
High
Unreviewed
CVE-2023-51772
was published
Dec 25, 2023
An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control...
High
Unreviewed
CVE-2023-49935
was published
Dec 14, 2023
A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows...
High
Unreviewed
CVE-2023-33303
was published
Oct 13, 2023
When a non-admin user has been assigned an administrator role via an iControl REST PUT request...
High
Unreviewed
CVE-2023-42768
was published
Oct 10, 2023
An authenticated user's session cookie may remain valid for a limited time after logging out...
High
Unreviewed
CVE-2023-40537
was published
Oct 10, 2023
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session...
High
Unreviewed
CVE-2023-37570
was published
Aug 8, 2023
IBM Security Guardium 11.5 could allow a user to take over another user's session due to...
High
Unreviewed
CVE-2023-0041
was published
Jun 5, 2023
An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater...
High
Unreviewed
CVE-2023-30403
was published
May 2, 2023
A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an attacker...
High
Unreviewed
CVE-2023-28003
was published
Apr 18, 2023
IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access...
High
Unreviewed
CVE-2022-43844
was published
Jan 5, 2023
By sending specific queries to the resolver, an attacker can cause named to crash.
High
Unreviewed
CVE-2022-3080
was published
Sep 22, 2022
Improper Access Control in GitHub repository namelessmc/nameless prior to v2.0.2.
High
Unreviewed
CVE-2022-2820
was published
Aug 16, 2022
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S ...
High
Unreviewed
CVE-2022-33137
was published
Jul 13, 2022
** DISPUTED ** A vulnerability has been found in Microsoft O365 and classified as critical. The...
High
Unreviewed
CVE-2022-2076
was published
Jun 15, 2022
ProTip!
Advisories are also available from the
GraphQL API