Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,070
Erlang
29
GitHub Actions
19
Go
1,891
Maven
5,000+
npm
3,628
NuGet
638
pip
3,240
Pub
10
RubyGems
858
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

273 advisories

Loading
Session fixation vulnerability in pcsd in pcs before 0.9.157. High Unreviewed
CVE-2016-0721 was published May 17, 2022
IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with... Moderate Unreviewed
CVE-2017-1152 was published May 17, 2022
phpMyAdmin Bypass logout timeout Moderate
CVE-2016-9851 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9... High Unreviewed
CVE-2017-4014 was published May 17, 2022
Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform... Moderate Unreviewed
CVE-2017-2145 was published May 17, 2022
IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could... Low Unreviewed
CVE-2016-9703 was published May 17, 2022
Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 and... Critical Unreviewed
CVE-2015-1174 was published May 17, 2022
IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an... High Unreviewed
CVE-2016-9981 was published May 17, 2022
OpenStack Horizon Session Fixation Moderate
CVE-2012-2144 was published for horizon (pip) May 17, 2022
Session fixation vulnerability in IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7... Moderate Unreviewed
CVE-2014-4789 was published May 17, 2022
** DISPUTED ** FreeIPA 4.x with API version 2.213 allows a remote authenticated users to bypass... High Unreviewed
CVE-2017-11191 was published May 17, 2022
/bin/login.php in the Web Panel on the Airtame HDMI dongle with firmware before 3.0 allows an... Critical Unreviewed
CVE-2017-15304 was published May 17, 2022
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to prevent session IDs from... High Unreviewed
CVE-2017-1000150 was published May 17, 2022
Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware... Moderate Unreviewed
CVE-2017-10890 was published May 17, 2022
IBM Security Guardium 10.0 does not renew a session variable after a successful authentication... Low Unreviewed
CVE-2017-1270 was published May 14, 2022
Session Fixation in ipsilon Critical
CVE-2016-8638 was published for ipsilon (pip) May 14, 2022
tdunlap607
A Session Fixation Vulnerability exists in the MT4 Networks SenhaSegura Web Application 2.2.23.8... High Unreviewed
CVE-2017-11562 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon... High Unreviewed
CVE-2017-18125 was published May 14, 2022
VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of... Critical Unreviewed
CVE-2018-6959 was published May 14, 2022
Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3... High Unreviewed
CVE-2018-0564 was published May 14, 2022
Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session... High Unreviewed
CVE-2013-2049 was published May 14, 2022
Jenkins Google Login Plugin Session Fixation vulnerability Moderate
CVE-2018-1000173 was published for org.jenkins-ci.plugins:google-login (Maven) May 14, 2022
In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the... Moderate Unreviewed
CVE-2018-1148 was published May 14, 2022
An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. The admin login session... High Unreviewed
CVE-2018-10252 was published May 14, 2022
ClipperCMS 1.3.3 allows Session Fixation. High Unreviewed
CVE-2018-11571 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API