Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

15 advisories

Loading
Insufficient Session Expiration in Pterodactyl API Moderate
GHSA-7v3x-h7r2-34jv was published for pterodactyl/panel (Composer) Jan 21, 2022
EgoMaw
Insufficient Session Expiration in TYPO3's Admin Tool Moderate
CVE-2022-31050 was published for typo3/cms (Composer) Jun 17, 2022
waldhacker1 ohader
TYPO3 CMS vulnerable to Insufficient Session Expiration after Password Reset Moderate
CVE-2022-23502 was published for typo3/cms (Composer) Dec 13, 2022
derhansen
Firefly III insufficiently expires sessions Moderate
CVE-2023-1788 was published for grumpydictator/firefly-iii (Composer) Apr 5, 2023
Symfony vulnerable to Session Fixation of CSRF tokens Moderate
CVE-2022-24895 was published for symfony/security-bundle (Composer) Feb 1, 2023
nicolas-grekas lavish
Microweber Insufficient Session Expiry Moderate
CVE-2020-23136 was published for microweber/microweber (Composer) May 24, 2022
Admidio Insufficient Session Expiration vulnerability Moderate
CVE-2023-4190 was published for admidio/admidio (Composer) Aug 6, 2023
Concrete CMS missing secure cookie parameters Moderate
CVE-2023-28472 was published for concrete5/concrete5 (Composer) Apr 28, 2023
MarkLee131
Magento Insufficient Session Expiration Moderate
CVE-2021-21032 was published for magento/community-edition (Composer) May 24, 2022
Magento Insufficient Session Expiration Moderate
CVE-2021-21031 was published for magento/community-edition (Composer) May 24, 2022
Symfony DoS Moderate
CVE-2018-11386 was published for symfony/http-foundation (Composer) May 14, 2022
Shopware Improper Session Handling in store-api account logout Moderate
CVE-2024-31447 was published for shopware/core (Composer) Apr 8, 2024
mdanilowicz
Contao: Remember-me tokens will not be cleared after a password change Moderate
CVE-2024-30262 was published for contao/core-bundle (Composer) Apr 9, 2024
bytehead
SimpleSAMLphp Invalid token creation and validation Moderate
CVE-2017-12867 was published for simplesamlphp/simplesamlphp (Composer) May 13, 2022
Reportico Web fails to invalidate cookies upon logout Moderate
CVE-2024-31556 was published for reportico-web/reportico (Composer) May 14, 2024
ProTip! Advisories are also available from the GraphQL API