Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

117 advisories

Loading
phpMyAdmin Bypass logout timeout Moderate
CVE-2016-9851 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform... Moderate Unreviewed
CVE-2017-2145 was published May 17, 2022
OpenStack Horizon Session Fixation Moderate
CVE-2012-2144 was published for horizon (pip) May 17, 2022
Session fixation vulnerability in IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7... Moderate Unreviewed
CVE-2014-4789 was published May 17, 2022
Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware... Moderate Unreviewed
CVE-2017-10890 was published May 17, 2022
Jenkins Google Login Plugin Session Fixation vulnerability Moderate
CVE-2018-1000173 was published for org.jenkins-ci.plugins:google-login (Maven) May 14, 2022
In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the... Moderate Unreviewed
CVE-2018-1148 was published May 14, 2022
** DISPUTED ** Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused... Moderate Unreviewed
CVE-2018-11567 was published May 14, 2022
Jenkins SAML Plugin Session Fixation vulnerability Moderate
CVE-2018-1000602 was published for org.jenkins-ci.plugins:saml (Maven) May 14, 2022
Session Fixation in the web application for TerraMaster TOS version 3.1.03 allows attackers to... Moderate Unreviewed
CVE-2018-13337 was published May 14, 2022
A Session Fixation issue was discovered in Bigtree before 4.2.24. admin.php accepts a user... Moderate Unreviewed
CVE-2018-18380 was published May 14, 2022
Session Fixation in Jenkins Moderate
CVE-2018-1000409 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates files in the resulting... Moderate Unreviewed
CVE-2017-10600 was published May 13, 2022
nss before version 3.30 is vulnerable to a remote denial of service during the session handshake... Moderate Unreviewed
CVE-2016-9574 was published May 13, 2022
Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an... Moderate Unreviewed
CVE-2017-0892 was published May 13, 2022
A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow... Moderate Unreviewed
CVE-2017-12225 was published May 13, 2022
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not set the secure... Moderate Unreviewed
CVE-2017-1368 was published May 13, 2022
A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On... Moderate Unreviewed
CVE-2018-0229 was published May 13, 2022
A vulnerability in the session identification management functionality of the web-based... Moderate Unreviewed
CVE-2018-0359 was published May 13, 2022
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior,... Moderate Unreviewed
CVE-2018-10591 was published May 13, 2022
Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7... Moderate Unreviewed
CVE-2018-13282 was published May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The... Moderate Unreviewed
CVE-2018-17902 was published May 13, 2022
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the 'HttpOnly'... Moderate Unreviewed
CVE-2018-1480 was published May 13, 2022
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute... Moderate Unreviewed
CVE-2018-1484 was published May 13, 2022
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not renew a session variable... Moderate Unreviewed
CVE-2018-1485 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database