Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18 advisories

Loading
HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not... Low Unreviewed
CVE-2024-30142 was published Nov 7, 2024
IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies.... Moderate Unreviewed
CVE-2024-43180 was published Sep 13, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for... Moderate Unreviewed
CVE-2024-41684 was published Jul 26, 2024
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session... Moderate Unreviewed
CVE-2023-33860 was published Jul 10, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Moderate Unreviewed
CVE-2024-35211 was published Jun 11, 2024
Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This issue affects Hitachi Ops... High Unreviewed
CVE-2024-2493 was published Apr 23, 2024
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization... Moderate Unreviewed
CVE-2023-46179 was published Mar 15, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3... Moderate Unreviewed
CVE-2023-42016 was published Feb 9, 2024
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as... Low Unreviewed
CVE-2024-0349 was published Jan 10, 2024
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the... Low Unreviewed
CVE-2023-5035 was published Nov 2, 2023
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft... Low Unreviewed
CVE-2023-4654 was published Aug 31, 2023
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository it-novum... Moderate Unreviewed
CVE-2023-3520 was published Jul 6, 2023
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls... Moderate Unreviewed
CVE-2022-21940 was published Feb 9, 2023
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca... Moderate Unreviewed
CVE-2022-3251 was published Sep 22, 2022
Within the Service Desk module of the ITarian platform (SAAS and on-premise), a remote attacker... High Unreviewed
CVE-2022-25151 was published Jun 10, 2022
LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client... Moderate Unreviewed
CVE-2021-3882 was published May 24, 2022
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ... Moderate Unreviewed
CVE-2022-24045 was published May 21, 2022
Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The... Moderate Unreviewed
CVE-2021-27764 was published May 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database