Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,820
Erlang
36
GitHub Actions
32
Go
2,412
Maven
5,000+
npm
4,051
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,004
Swift
38
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain... Low Unreviewed
CVE-2025-0253 was published Jul 25, 2025
HCL IEM is affected by a concurrent login vulnerability.  The application allows multiple... Low Unreviewed
CVE-2025-0251 was published Jul 25, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, allows for setting an arbitrary session... Low Unreviewed
CVE-2024-49709 was published Apr 14, 2025
Mattermost fails to invalidate all active sessions when converting a user to a bot Low
CVE-2025-1412 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 24, 2025
Enabling Authentication does not close all logged in socket connections immediately Low
GHSA-23q2-5gf8-gjpp was published for uptime-kuma (npm) Apr 19, 2024
Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive... Low Unreviewed
CVE-2023-45718 was published Feb 10, 2024
A vulnerability classified as problematic has been found in SourceCodester Engineers Online... Low Unreviewed
CVE-2024-0351 was published Jan 10, 2024
Initially, a user opens a Private Browsing Window and generates a password for a site, then... Low Unreviewed
CVE-2020-6824 was published May 24, 2022
IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could... Low Unreviewed
CVE-2016-9703 was published May 17, 2022
IBM Security Guardium 10.0 does not renew a session variable after a successful authentication... Low Unreviewed
CVE-2017-1270 was published May 14, 2022
Symfony Session Fixation Vulnerability Low
CVE-2015-8124 was published for symfony/security (Composer) May 14, 2022
A bug causing session fixation in Nextcloud Server prior to 14.0.0, 13.0.3 and 12.0.8 could... Low Unreviewed
CVE-2018-16463 was published May 13, 2022
IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the... Low Unreviewed
CVE-2018-1962 was published May 13, 2022
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable... Low Unreviewed
CVE-2001-1534 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database