GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,512
Composer 4,179
Erlang 31
GitHub Actions 19
Go 1,982
Maven 5,155
npm 3,701
NuGet 656
pip 3,323
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 233,005

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

201 advisories

Filter by severity

Sort by

Least recently updated

IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration.... Moderate Unreviewed

CVE-2024-46040 was published Oct 7, 2024

The MFA management features did not properly terminate existing user sessions when a user's MFA... Moderate Unreviewed

CVE-2024-21722 was published Feb 29, 2024

The logout operation in the CloudStack web interface does not expire the user session completely... Moderate Unreviewed

CVE-2024-45462 was published Oct 16, 2024

An issue in sbondCo Watcharr v.1.43.0 allows a remote attacker to execute arbitrary code and... High Unreviewed

CVE-2024-48827 was published Oct 11, 2024

HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain... Moderate Unreviewed

CVE-2024-23586 was published Sep 28, 2024

An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1... Critical Unreviewed

CVE-2024-8888 was published Sep 18, 2024

Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an... High Unreviewed

CVE-2019-5638 was published May 24, 2022

IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which... Moderate Unreviewed

CVE-2024-38315 was published Sep 16, 2024

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2).... Moderate Unreviewed

CVE-2024-32006 was published Sep 10, 2024

One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to... High Unreviewed

CVE-2023-51772 was published Dec 25, 2023

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in... Moderate Unreviewed

CVE-2024-36523 was published Jun 12, 2024

An issue was discovered in Linksys Router E1700 1.0.04 (build 3), allows authenticated attackers... Moderate Unreviewed

CVE-2024-22543 was published Feb 27, 2024

The Central Manager user session refresh token does not expire when a user logs out. Note:... High Unreviewed

CVE-2024-39809 was published Aug 14, 2024

An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and... Low Unreviewed

CVE-2022-45862 was published Aug 13, 2024

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10... Moderate Unreviewed

CVE-2022-38382 was published Aug 13, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed

CVE-2024-35206 was published Jun 11, 2024

xzs-mysql 3.8 is vulnerable to Insufficient Session Expiration, which allows attackers to use the... Critical Unreviewed

CVE-2024-29401 was published Mar 26, 2024

On versions before 2.1.4, session is not invalidated after logout. When the user logged in... Critical Unreviewed

CVE-2024-29070 was published Jul 23, 2024

IBM Aspera Orchestrator 4.0.1 does not invalidate session after a password change which could... Moderate Unreviewed

CVE-2023-26288 was published Jul 30, 2024

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 uses... Moderate Unreviewed

CVE-2022-32759 was published Jul 25, 2024

In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or... High Unreviewed

CVE-2024-41827 was published Jul 22, 2024

Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0... High Unreviewed

CVE-2024-27782 was published Jul 9, 2024

KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1... High Unreviewed

CVE-2024-36041 was published Jul 5, 2024

An issue in SurveyKing v1.3.1 allows attackers to escalate privileges via re-using the session ID... High Unreviewed

CVE-2024-35050 was published May 14, 2024

SurveyKing v1.3.1 was discovered to keep users' sessions active after logout. Related to an... Critical Unreviewed

CVE-2024-35049 was published May 14, 2024

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

201 advisories