GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,150
Erlang
30
GitHub Actions
19
Go
1,952
Maven
5,000+
npm
3,684
NuGet
650
pip
3,305
Pub
11
RubyGems
879
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
287 advisories
Filter by severity
Insufficient Session Expiration in thorsten/phpmyfaq
High
CVE-2023-5865
was published
for
thorsten/phpmyfaq
(Composer)
Oct 31, 2023
Insufficient session expiration in Elenos ETG150 FM Transmitter v3.12 allows attackers to...
Moderate
Unreviewed
CVE-2023-39695
was published
Nov 1, 2023
Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Moderate
Unreviewed
CVE-2023-5889
was published
Nov 1, 2023
yt-dlp Generic Extractor MITM Vulnerability via Arbitrary Proxy Injection
Moderate
CVE-2023-46121
was published
for
yt-dlp
(pip)
Nov 15, 2023
An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control...
High
Unreviewed
CVE-2023-49935
was published
Dec 14, 2023
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to...
High
Unreviewed
CVE-2023-51772
was published
Dec 25, 2023
An arithmetic overflow flaw was found in Satellite when creating a new personal access token....
High
Unreviewed
CVE-2023-4320
was published
Dec 30, 2023
A vulnerability, which was classified as problematic, was found in SourceCodester Engineers...
Moderate
Unreviewed
CVE-2024-0260
was published
Jan 7, 2024
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as...
Low
Unreviewed
CVE-2024-0350
was published
Jan 10, 2024
A vulnerability was found in Totolink N200RE V5 9.3.5u.6255_B20211224. It has been classified as...
Low
Unreviewed
CVE-2024-0942
was published
Jan 26, 2024
A vulnerability was found in Totolink T8 4.1.5cu.833_20220905. It has been rated as problematic....
Low
Unreviewed
CVE-2024-0944
was published
Jan 26, 2024
A vulnerability was found in Totolink N350RT 9.3.5u.6255. It has been declared as problematic....
Low
Unreviewed
CVE-2024-0943
was published
Jan 26, 2024
IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an...
Moderate
Unreviewed
CVE-2023-50936
was published
Feb 2, 2024
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session...
Moderate
Unreviewed
CVE-2023-45187
was published
Feb 9, 2024
Samly access control vulnerability
Critical
CVE-2024-25718
was published
for
Samly
(Erlang)
Feb 11, 2024
When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the...
High
Unreviewed
CVE-2024-22389
was published
Feb 14, 2024
Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in...
Moderate
Unreviewed
CVE-2024-0008
was published
Feb 14, 2024
Insufficient Session Expiration in github.com/greenpau/caddy-security
Moderate
CVE-2024-21492
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Session Fixation Apache DolphinScheduler
Moderate
CVE-2023-50270
was published
for
org.apache.dolphinscheduler:dolphinscheduler
(Maven)
Feb 20, 2024
An issue was discovered in Linksys Router E1700 1.0.04 (build 3), allows authenticated attackers...
Moderate
Unreviewed
CVE-2024-22543
was published
Feb 27, 2024
The MFA management features did not properly terminate existing user sessions when a user's MFA...
Unknown
Unreviewed
CVE-2024-21722
was published
Feb 29, 2024
A CWE-613 “Insufficient Session Expiration” vulnerability in the web application, due to the...
Moderate
Unreviewed
CVE-2023-45600
was published
Mar 5, 2024
Insufficient session timeout vulnerability in the FAST3686 V2 Vodafone router from Sagemcom. This...
High
Unreviewed
CVE-2024-1623
was published
Mar 14, 2024
xzs-mysql 3.8 is vulnerable to Insufficient Session Expiration, which allows attackers to use the...
Critical
Unreviewed
CVE-2024-29401
was published
Mar 26, 2024
Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session...
Moderate
Unreviewed
CVE-2024-25954
was published
Mar 28, 2024
ProTip!
Advisories are also available from the
GraphQL API