Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable... Low Unreviewed
CVE-2001-1534 was published Apr 30, 2022
IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the... Low Unreviewed
CVE-2018-1962 was published May 13, 2022
A bug causing session fixation in Nextcloud Server prior to 14.0.0, 13.0.3 and 12.0.8 could... Low Unreviewed
CVE-2018-16463 was published May 13, 2022
Symfony Session Fixation Vulnerability Low
CVE-2015-8124 was published for symfony/security (Composer) May 14, 2022
IBM Security Guardium 10.0 does not renew a session variable after a successful authentication... Low Unreviewed
CVE-2017-1270 was published May 14, 2022
IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could... Low Unreviewed
CVE-2016-9703 was published May 17, 2022
Initially, a user opens a Private Browsing Window and generates a password for a site, then... Low Unreviewed
CVE-2020-6824 was published May 24, 2022
A vulnerability classified as problematic has been found in SourceCodester Engineers Online... Low Unreviewed
CVE-2024-0351 was published Jan 10, 2024
Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive... Low Unreviewed
CVE-2023-45718 was published Feb 10, 2024
Enabling Authentication does not close all logged in socket connections immediately Low
GHSA-23q2-5gf8-gjpp was published for uptime-kuma (npm) Apr 19, 2024
ProTip! Advisories are also available from the GraphQL API