GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
Taipy has a Session Cookie without Secure and HTTPOnly flags
Moderate
CVE-2024-47833
was published
for
taipy
(pip)
Aug 27, 2024
The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag...
Moderate
Unreviewed
CVE-2024-6739
was published
Jul 15, 2024
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive...
Low
Unreviewed
CVE-2022-43845
was published
Sep 25, 2024
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could...
Low
Unreviewed
CVE-2022-33167
was published
Jul 30, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for...
Moderate
Unreviewed
CVE-2024-41685
was published
Jul 26, 2024
TYPO3 Security Misconfiguration in Install Tool Cookie
High
GHSA-f777-f784-36gm
was published
for
typo3/cms
(Composer)
Jun 7, 2024
TYPO3 Security Misconfiguration in Install Tool Cookie
High
GHSA-ppvg-hw62-6ph9
was published
for
typo3/cms-core
(Composer)
May 30, 2024
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6...
Moderate
Unreviewed
CVE-2023-4228
was published
Aug 24, 2023
Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB...
Moderate
Unreviewed
CVE-2023-2876
was published
Jun 13, 2023
Apache Tomcat has cookies without HTTPOnly flag in Set-Cookie header
Moderate
CVE-2010-4312
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session...
Low
Unreviewed
CVE-2023-4217
was published
Nov 2, 2023
Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration...
Moderate
Unreviewed
CVE-2022-21939
was published
Feb 9, 2023
An information disclosure vulnerability exists in the web interface session cookie functionality...
Moderate
Unreviewed
CVE-2022-25172
was published
May 13, 2022
nsupdate.info has Sensitive Cookie Without 'HttpOnly' Flag
Moderate
CVE-2019-25091
was published
for
nsupdate
(pip)
Dec 28, 2022
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a...
Low
Unreviewed
CVE-2021-34563
was published
May 24, 2022
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master.
Moderate
Unreviewed
CVE-2022-4630
was published
Dec 21, 2022
ProTip!
Advisories are also available from the
GraphQL API