GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
128 advisories
Filter by severity
Insufficient Session Expiration in Pterodactyl API
Moderate
GHSA-7v3x-h7r2-34jv
was published
for
pterodactyl/panel
(Composer)
Jan 21, 2022
Zitadel RefreshToken invalidation vulnerability
Moderate
CVE-2023-22492
was published
for
github.com/zitadel/zitadel
(Go)
Jan 11, 2023
SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing...
Moderate
Unreviewed
CVE-2022-25590
was published
Mar 26, 2022
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration...
Moderate
Unreviewed
CVE-2022-30277
was published
Jun 3, 2022
Insufficient Session Expiration in TYPO3's Admin Tool
Moderate
CVE-2022-31050
was published
for
typo3/cms
(Composer)
Jun 17, 2022
Mealie1.0.0beta3 does not terminate download tokens after a user logs out, allowing attackers to...
Moderate
Unreviewed
CVE-2022-34624
was published
Aug 20, 2022
Pyload Insufficient Session Expiration vulnerability
Moderate
CVE-2023-0227
was published
for
pyload-ng
(pip)
Jan 12, 2023
In affected versions of Octopus Server it was identified that a session cookie could be used as...
Moderate
Unreviewed
CVE-2022-2783
was published
Oct 6, 2022
A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for...
Moderate
Unreviewed
CVE-2020-3188
was published
May 24, 2022
OpenVPN Access Server older than version 2.8.4 generates new user authentication tokens instead...
Moderate
Unreviewed
CVE-2020-15074
was published
May 24, 2022
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The...
Moderate
Unreviewed
CVE-2020-13299
was published
May 24, 2022
OOTB build scripts does not set the secure attribute on session cookie which may impact IBM Curam...
Moderate
Unreviewed
CVE-2020-4780
was published
May 24, 2022
The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2020-1666
was published
May 24, 2022
An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. Because of implicitly remembered...
Moderate
Unreviewed
CVE-2020-15774
was published
May 24, 2022
IBM Security Access Manager Appliance 9.0.7 does not invalidate session after logout which could...
Moderate
Unreviewed
CVE-2020-4395
was published
May 24, 2022
CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers to discover internal...
Moderate
Unreviewed
CVE-2020-25374
was published
May 24, 2022
IBM DataPower Gateway 10.0.3.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.9, 2018.4.1.0 through...
Moderate
Unreviewed
CVE-2022-40228
was published
Nov 22, 2022
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through...
Moderate
Unreviewed
CVE-2021-27351
was published
May 24, 2022
Pinniped Supervisor Insufficient Session Expiration vulnerability
Moderate
CVE-2022-31677
was published
for
go.pinniped.dev
(Go)
Sep 1, 2022
A vulnerability was found in the Quay web application. Sessions in the Quay web application never...
Moderate
Unreviewed
CVE-2019-3867
was published
May 24, 2022
HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could...
Moderate
Unreviewed
CVE-2020-14247
was published
May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 does not invalidate session after logout...
Moderate
Unreviewed
CVE-2020-4995
was published
May 24, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.10.5...
Moderate
Unreviewed
CVE-2021-22221
was published
May 24, 2022
An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine...
Moderate
Unreviewed
CVE-2021-26037
was published
May 24, 2022
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after...
Moderate
Unreviewed
CVE-2021-20431
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API