Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

302 advisories

Loading
In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens... High Unreviewed
CVE-2019-11213 was published May 13, 2022
Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before... High Unreviewed
CVE-2019-0102 was published May 13, 2022
Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed.... Moderate Unreviewed
CVE-2019-3784 was published May 13, 2022
Improper session management when using SAP Cloud Platform 2.0 (Connectivity Service and Cloud... High Unreviewed
CVE-2018-2409 was published May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not... Moderate Unreviewed
CVE-2018-1804 was published May 13, 2022
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not renew a session variable... Moderate Unreviewed
CVE-2018-1485 was published May 13, 2022
Improper Session Management in SAP Business Objects, 4.0, from 4.10, from 4.20, 4.30, CMC/BI... High Unreviewed
CVE-2018-2408 was published May 13, 2022
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance does not... Moderate Unreviewed
CVE-2018-1948 was published May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The... Moderate Unreviewed
CVE-2018-17902 was published May 13, 2022
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the 'HttpOnly'... Moderate Unreviewed
CVE-2018-1480 was published May 13, 2022
A bug causing session fixation in Nextcloud Server prior to 14.0.0, 13.0.3 and 12.0.8 could... Low Unreviewed
CVE-2018-16463 was published May 13, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. When authenticating a user or... High Unreviewed
CVE-2018-8852 was published May 13, 2022
A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000,... High Unreviewed
CVE-2018-5465 was published May 13, 2022
Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a... High Unreviewed
CVE-2018-5385 was published May 13, 2022
IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the... Low Unreviewed
CVE-2018-1962 was published May 13, 2022
A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On... Moderate Unreviewed
CVE-2018-0229 was published May 13, 2022
Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7... Moderate Unreviewed
CVE-2018-13282 was published May 13, 2022
IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not renew a session... Moderate Unreviewed
CVE-2018-1626 was published May 13, 2022
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute... Moderate Unreviewed
CVE-2018-1484 was published May 13, 2022
IBM Jazz Foundation products could allow a user with physical access to the system to log in as... Moderate Unreviewed
CVE-2018-1492 was published May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not renew a session variable after... High Unreviewed
CVE-2018-1375 was published May 13, 2022
Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens... High Unreviewed
CVE-2018-1127 was published May 13, 2022
Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM)... Critical Unreviewed
CVE-2017-3968 was published May 13, 2022
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior,... Moderate Unreviewed
CVE-2018-10591 was published May 13, 2022
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not set the secure... Moderate Unreviewed
CVE-2017-1368 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database