GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
203 advisories
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3...
Moderate | Unreviewed | CVE-2024-22358 was published Apr 12, 2024
Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session...
Moderate | Unreviewed | CVE-2024-25954 was published Mar 28, 2024
xzs-mysql 3.8 is vulnerable to Insufficient Session Expiration, which allows attackers to use the...
Critical | Unreviewed | CVE-2024-29401 was published Mar 26, 2024
Insufficient session timeout vulnerability in the FAST3686 V2 Vodafone router from Sagemcom. This...
High | Unreviewed | CVE-2024-1623 was published Mar 14, 2024
A CWE-613 “Insufficient Session Expiration” vulnerability in the web application, due to the...
Moderate | Unreviewed | CVE-2023-45600 was published Mar 5, 2024
The MFA management features did not properly terminate existing user sessions when a user's MFA...
Moderate | Unreviewed | CVE-2024-21722 was published Feb 29, 2024
An issue was discovered in Linksys Router E1700 1.0.04 (build 3), allows authenticated attackers...
Moderate | Unreviewed | CVE-2024-22543 was published Feb 27, 2024
Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in...
Moderate | Unreviewed | CVE-2024-0008 was published Feb 14, 2024
When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the...
High | Unreviewed | CVE-2024-22389 was published Feb 14, 2024
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session...
Moderate | Unreviewed | CVE-2023-45187 was published Feb 9, 2024
IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an...
Moderate | Unreviewed | CVE-2023-50936 was published Feb 2, 2024
A vulnerability was found in Totolink N200RE V5 9.3.5u.6255_B20211224. It has been classified as...
Low | Unreviewed | CVE-2024-0942 was published Jan 26, 2024
A vulnerability was found in Totolink N350RT 9.3.5u.6255. It has been declared as problematic....
Low | Unreviewed | CVE-2024-0943 was published Jan 26, 2024
A vulnerability was found in Totolink T8 4.1.5cu.833_20220905. It has been rated as problematic....
Low | Unreviewed | CVE-2024-0944 was published Jan 26, 2024
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as...
Low | Unreviewed | CVE-2024-0350 was published Jan 10, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Engineers...
Moderate | Unreviewed | CVE-2024-0260 was published Jan 7, 2024
An arithmetic overflow flaw was found in Satellite when creating a new personal access token....
High | Unreviewed | CVE-2023-4320 was published Dec 30, 2023
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to...
High | Unreviewed | CVE-2023-51772 was published Dec 25, 2023
An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control...
High | Unreviewed | CVE-2023-49935 was published Dec 14, 2023
Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate | Unreviewed | CVE-2023-5889 was published Nov 1, 2023
Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to...
Moderate | Unreviewed | CVE-2023-39695 was published Nov 1, 2023
Insufficient Session Expiration in GitHub repository linkstackorg/linkstack prior to v4.2.9.
Moderate | Unreviewed | CVE-2023-5838 was published Oct 29, 2023
IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than...
Critical | Unreviewed | CVE-2023-46158 was published Oct 25, 2023
HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate...
Moderate | Unreviewed | CVE-2023-37504 was published Oct 19, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a user to obtain sensitive...
Moderate | Unreviewed | CVE-2021-20581 was published Oct 17, 2023