GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
111 advisories
Filter by severity
** DISPUTED ** Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused...
Moderate
Unreviewed
CVE-2018-11567
was published
May 14, 2022
Jenkins SAML Plugin Session Fixation vulnerability
Moderate
CVE-2018-1000602
was published
for
org.jenkins-ci.plugins:saml
(Maven)
May 14, 2022
Session Fixation in the web application for TerraMaster TOS version 3.1.03 allows attackers to...
Moderate
Unreviewed
CVE-2018-13337
was published
May 14, 2022
A Session Fixation issue was discovered in Bigtree before 4.2.24. admin.php accepts a user...
Moderate
Unreviewed
CVE-2018-18380
was published
May 14, 2022
Session Fixation in Jenkins
Moderate
CVE-2018-1000409
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates files in the resulting...
Moderate
Unreviewed
CVE-2017-10600
was published
May 13, 2022
nss before version 3.30 is vulnerable to a remote denial of service during the session handshake...
Moderate
Unreviewed
CVE-2016-9574
was published
May 13, 2022
Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an...
Moderate
Unreviewed
CVE-2017-0892
was published
May 13, 2022
A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow...
Moderate
Unreviewed
CVE-2017-12225
was published
May 13, 2022
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not set the secure...
Moderate
Unreviewed
CVE-2017-1368
was published
May 13, 2022
A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On...
Moderate
Unreviewed
CVE-2018-0229
was published
May 13, 2022
A vulnerability in the session identification management functionality of the web-based...
Moderate
Unreviewed
CVE-2018-0359
was published
May 13, 2022
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior,...
Moderate
Unreviewed
CVE-2018-10591
was published
May 13, 2022
Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7...
Moderate
Unreviewed
CVE-2018-13282
was published
May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The...
Moderate
Unreviewed
CVE-2018-17902
was published
May 13, 2022
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the 'HttpOnly'...
Moderate
Unreviewed
CVE-2018-1480
was published
May 13, 2022
IBM Jazz Foundation products could allow a user with physical access to the system to log in as...
Moderate
Unreviewed
CVE-2018-1492
was published
May 13, 2022
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute...
Moderate
Unreviewed
CVE-2018-1484
was published
May 13, 2022
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not renew a session variable...
Moderate
Unreviewed
CVE-2018-1485
was published
May 13, 2022
IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not renew a session...
Moderate
Unreviewed
CVE-2018-1626
was published
May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not...
Moderate
Unreviewed
CVE-2018-1804
was published
May 13, 2022
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance does not...
Moderate
Unreviewed
CVE-2018-1948
was published
May 13, 2022
GitHub Authentication Plugin session fixation vulnerability
Moderate
CVE-2019-1003019
was published
for
org.jenkins-ci.plugins:github-oauth
(Maven)
May 13, 2022
Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed....
Moderate
Unreviewed
CVE-2019-3784
was published
May 13, 2022
Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before 6.3, when contributed...
Moderate
Unreviewed
CVE-2008-3222
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API