GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
198 advisories
Filter by severity
A flaw was found in WildFly Elytron. A variation to the use of a session fixation exploit when...
Moderate
Unreviewed
CVE-2021-20324
was published
Apr 19, 2022
A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface...
High
Unreviewed
CVE-2020-25152
was published
Apr 15, 2022
Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to...
High
Unreviewed
CVE-2010-1434
was published
Apr 21, 2022
Wind River VxWorks 6.5 through 6.9 and vx7 has Session Fixation in the TCP component. This is a...
High
Unreviewed
CVE-2019-12258
was published
May 24, 2022
IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an...
High
Unreviewed
CVE-2016-9981
was published
May 17, 2022
Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 and...
Critical
Unreviewed
CVE-2015-1174
was published
May 17, 2022
A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise...
Moderate
Unreviewed
CVE-2022-43529
was published
Jan 5, 2023
Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an...
Moderate
Unreviewed
CVE-2017-0892
was published
May 13, 2022
Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform...
Moderate
Unreviewed
CVE-2017-2145
was published
May 17, 2022
IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could...
Low
Unreviewed
CVE-2016-9703
was published
May 17, 2022
Session fixation vulnerability in access control management in Synology Photo Station before 6.8...
High
Unreviewed
CVE-2022-22681
was published
Jul 7, 2022
Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9...
High
Unreviewed
CVE-2017-4014
was published
May 17, 2022
Tivoli Storage Manager Operations Center could allow a local user to take over a previously...
High
Unreviewed
CVE-2016-6043
was published
May 17, 2022
IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user...
Moderate
Unreviewed
CVE-2016-6040
was published
May 17, 2022
IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with...
Moderate
Unreviewed
CVE-2017-1152
was published
May 17, 2022
In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310.
High
Unreviewed
CVE-2017-6412
was published
May 17, 2022
Session fixation vulnerability in the forgot password mechanism in Revive Adserver before 4.0.1,...
Moderate
Unreviewed
CVE-2017-5831
was published
May 17, 2022
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,...
Moderate
Unreviewed
CVE-2017-5141
was published
May 17, 2022
Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack...
High
Unreviewed
CVE-2016-10205
was published
May 17, 2022
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log...
High
Unreviewed
CVE-2022-34536
was published
Jul 20, 2022
This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200...
Critical
Unreviewed
CVE-2022-40630
was published
Sep 25, 2022
IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security...
Moderate
Unreviewed
CVE-2019-4304
was published
May 24, 2022
IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners...
High
Unreviewed
CVE-2019-4227
was published
May 24, 2022
Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie...
Moderate
Unreviewed
CVE-2022-30769
was published
Nov 16, 2022
A vulnerability, which was classified as critical, has been found in kassi xingwall. This issue...
Moderate
Unreviewed
CVE-2014-125048
was published
Jan 6, 2023
ProTip!
Advisories are also available from the
GraphQL API