Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

88 advisories

Loading
Session Fixation vulnerability in login.php in Pluck-CMS Pluck 4.7.15 allows an attacker to... High Unreviewed
CVE-2021-31745 was published Dec 11, 2021
An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can... High Unreviewed
CVE-2021-44151 was published Dec 14, 2021
DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An... High Unreviewed
CVE-2022-22551 was published Jan 22, 2022
IBM Financial Transaction Manager 3.2.4 does not invalidate session any existing session... High Unreviewed
CVE-2021-39066 was published Feb 3, 2022
A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface... High Unreviewed
CVE-2020-25152 was published Apr 15, 2022
Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to... High Unreviewed
CVE-2010-1434 was published Apr 21, 2022
OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls. High Unreviewed
CVE-1999-0428 was published Apr 30, 2022
Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to... High Unreviewed
CVE-2007-4188 was published May 1, 2022
A vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1... High Unreviewed
CVE-2018-6434 was published May 13, 2022
In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time... High Unreviewed
CVE-2018-17199 was published May 13, 2022
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to... High Unreviewed
CVE-2018-9026 was published May 13, 2022
Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before... High Unreviewed
CVE-2019-0102 was published May 13, 2022
In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens... High Unreviewed
CVE-2019-11213 was published May 13, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. When authenticating a user or... High Unreviewed
CVE-2018-8852 was published May 13, 2022
A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000,... High Unreviewed
CVE-2018-5465 was published May 13, 2022
Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a... High Unreviewed
CVE-2018-5385 was published May 13, 2022
Improper Session Management in SAP Business Objects, 4.0, from 4.10, from 4.20, 4.30, CMC/BI... High Unreviewed
CVE-2018-2408 was published May 13, 2022
Improper session management when using SAP Cloud Platform 2.0 (Connectivity Service and Cloud... High Unreviewed
CVE-2018-2409 was published May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not renew a session variable after... High Unreviewed
CVE-2018-1375 was published May 13, 2022
Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens... High Unreviewed
CVE-2018-1127 was published May 13, 2022
An issue was discovered in Mahara before 15.04.14, 16.x before 16.04.8, 16.10.x before 16.10.5,... High Unreviewed
CVE-2017-14163 was published May 13, 2022
Honeywell NVR devices allow remote attackers to create a user account in the admin group by... High Unreviewed
CVE-2017-14263 was published May 13, 2022
An issue was discovered in Cloud Foundry Foundation Cloud Foundry release v252 and earlier... High Unreviewed
CVE-2017-4963 was published May 14, 2022
An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and... High Unreviewed
CVE-2019-9744 was published May 14, 2022
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation... High Unreviewed
CVE-2015-5384 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database