GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,512
Composer 4,179
Erlang 31
GitHub Actions 19
Go 1,982
Maven 5,155
npm 3,701
NuGet 656
pip 3,323
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 233,005

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

61 advisories

Filter by severity

Sort by

Least recently updated

An issue in sbondCo Watcharr v.1.43.0 allows a remote attacker to execute arbitrary code and... High Unreviewed

CVE-2024-48827 was published Oct 11, 2024

The Central Manager user session refresh token does not expire when a user logs out. Note:... High Unreviewed

CVE-2024-39809 was published Aug 14, 2024

In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or... High Unreviewed

CVE-2024-41827 was published Jul 22, 2024

Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0... High Unreviewed

CVE-2024-27782 was published Jul 9, 2024

KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1... High Unreviewed

CVE-2024-36041 was published Jul 5, 2024

The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The... High Unreviewed

CVE-2024-5995 was published Jun 14, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed

CVE-2024-35206 was published Jun 11, 2024

An issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID... High Unreviewed

CVE-2024-35050 was published May 14, 2024

Insufficient session timeout vulnerability in the FAST3686 V2 Vodafone router from Sagemcom. This... High Unreviewed

CVE-2024-1623 was published Mar 14, 2024

When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the... High Unreviewed

CVE-2024-22389 was published Feb 14, 2024

An arithmetic overflow flaw was found in Satellite when creating a new personal access token.... High Unreviewed

CVE-2023-4320 was published Dec 30, 2023

One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to... High Unreviewed

CVE-2023-51772 was published Dec 25, 2023

An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control... High Unreviewed

CVE-2023-49935 was published Dec 14, 2023

A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows... High Unreviewed

CVE-2023-33303 was published Oct 13, 2023

When a non-admin user has been assigned an administrator role via an iControl REST PUT request... High Unreviewed

CVE-2023-42768 was published Oct 10, 2023

An authenticated user's session cookie may remain valid for a limited time after logging out... High Unreviewed

CVE-2023-40537 was published Oct 10, 2023

This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session... High Unreviewed

CVE-2023-37570 was published Aug 8, 2023

IBM Security Guardium 11.5 could allow a user to take over another user's session due to... High Unreviewed

CVE-2023-0041 was published Jun 5, 2023

An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater... High Unreviewed

CVE-2023-30403 was published May 2, 2023

A CWE-613: Insufficient Session Expiration vulnerability exists that could allow an attacker... High Unreviewed

CVE-2023-28003 was published Apr 18, 2023

IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access... High Unreviewed

CVE-2022-43844 was published Jan 5, 2023

By sending specific queries to the resolver, an attacker can cause named to crash. High Unreviewed

CVE-2022-3080 was published Sep 22, 2022

Improper Access Control in GitHub repository namelessmc/nameless prior to v2.0.2. High Unreviewed

CVE-2022-2820 was published Aug 16, 2022

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S ... High Unreviewed

CVE-2022-33137 was published Jul 13, 2022

** DISPUTED ** A vulnerability has been found in Microsoft O365 and classified as critical. The... High Unreviewed

CVE-2022-2076 was published Jun 15, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

61 advisories