Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,263
Erlang
31
GitHub Actions
21
Go
2,033
Maven
5,000+
npm
3,732
NuGet
662
pip
3,411
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

91 advisories

Loading
IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2... Moderate Unreviewed
CVE-2019-4072 was published May 24, 2022
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are... Moderate Unreviewed
CVE-2017-1000135 was published May 17, 2022
Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are... Moderate Unreviewed
CVE-2017-1000136 was published May 17, 2022
IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to... Moderate Unreviewed
CVE-2017-1693 was published May 14, 2022
Philips ISCV application prior to version 2.3.0 has an insufficient session expiration... Moderate Unreviewed
CVE-2018-5438 was published May 14, 2022
A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded)... Moderate Unreviewed
CVE-2018-7758 was published May 14, 2022
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to... Moderate Unreviewed
CVE-2017-1000131 was published May 13, 2022
An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller... Moderate Unreviewed
CVE-2017-14007 was published May 13, 2022
The Milwaukee ONE-KEY Android mobile application uses bearer tokens with an expiration of one... Moderate Unreviewed
CVE-2017-3215 was published May 13, 2022
Exploitation of session variables, resource IDs and other trusted credentials vulnerability in... Moderate Unreviewed
CVE-2017-3966 was published May 13, 2022
XS Command-Line Interface (CLI) user sessions with the SAP HANA Extended Application Services (XS... Moderate Unreviewed
CVE-2018-2451 was published May 13, 2022
A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish... Moderate Unreviewed
CVE-2019-0015 was published May 13, 2022
nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key... Moderate Unreviewed
CVE-2014-3616 was published May 13, 2022
SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing... Moderate Unreviewed
CVE-2022-25590 was published Mar 26, 2022
IBM MQ Appliance 9.2 CD and 9.2 LTS does not invalidate session after logout which could allow an... Moderate Unreviewed
CVE-2021-38986 was published Mar 2, 2022
In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie. Moderate Unreviewed
CVE-2022-24332 was published Feb 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database