GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
18 advisories
Filter by severity
HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not...
Low
Unreviewed
CVE-2024-30142
was published
Nov 7, 2024
IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies....
Moderate
Unreviewed
CVE-2024-43180
was published
Sep 13, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for...
Moderate
Unreviewed
CVE-2024-41684
was published
Jul 26, 2024
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session...
Moderate
Unreviewed
CVE-2023-33860
was published
Jul 10, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High
Unreviewed
CVE-2024-35211
was published
Jun 11, 2024
Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This issue affects Hitachi Ops...
High
Unreviewed
CVE-2024-2493
was published
Apr 23, 2024
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization...
Moderate
Unreviewed
CVE-2023-46179
was published
Mar 15, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3...
Moderate
Unreviewed
CVE-2023-42016
was published
Feb 9, 2024
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as...
Low
Unreviewed
CVE-2024-0349
was published
Jan 10, 2024
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the...
Low
Unreviewed
CVE-2023-5035
was published
Nov 2, 2023
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft...
Low
Unreviewed
CVE-2023-4654
was published
Aug 31, 2023
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository it-novum...
Moderate
Unreviewed
CVE-2023-3520
was published
Jul 6, 2023
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls...
Moderate
Unreviewed
CVE-2022-21940
was published
Feb 9, 2023
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca...
Moderate
Unreviewed
CVE-2022-3251
was published
Sep 22, 2022
Within the Service Desk module of the ITarian platform (SAAS and on-premise), a remote attacker...
High
Unreviewed
CVE-2022-25151
was published
Jun 10, 2022
LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client...
Moderate
Unreviewed
CVE-2021-3882
was published
May 24, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ...
Moderate
Unreviewed
CVE-2022-24045
was published
May 21, 2022
Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The...
Moderate
Unreviewed
CVE-2021-27764
was published
May 7, 2022
ProTip!
Advisories are also available from the
GraphQL API