GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,997
Composer 5,075
Erlang 39
GitHub Actions 38
Go 2,744
Maven 6,162
npm 4,341
NuGet 765
pip 4,113
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,076

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

56 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate... Critical Unreviewed

CVE-2023-1854 was published Apr 5, 2023

Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10... Critical Unreviewed

CVE-2022-48317 was published Feb 20, 2023

TYPO3 vulnerable to Insufficient Session Expiration Critical

CVE-2022-47406 was published for derhansen/fe_change_pwd (Composer) Dec 14, 2022

In Ifme, versions 1.0.0 to v.7.33.2 don’t properly invalidate a user’s session even after the... Critical Unreviewed

CVE-2021-25992 was published Feb 11, 2022

A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to... Critical Unreviewed

CVE-2021-22820 was published Jan 29, 2022

Apostrophe CMS Insufficient Session Expiration vulnerability Critical

CVE-2021-25979 was published for apostrophe (npm) Nov 10, 2021

In Mattermost Focalboard, versions prior to v0.7.5, v0.8.4, v0.9.5, v0.10.1 and v0.11.0-rc1; as... Critical Unreviewed

CVE-2022-22122 was published Jan 14, 2022

In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through... Critical Unreviewed

CVE-2021-25981 was published Jan 4, 2022

An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware... Critical Unreviewed

CVE-2021-35034 was published Dec 30, 2021

Mahavitaran android application 7.50 and prior are affected by account takeover due to improper... Critical Unreviewed

CVE-2020-27416 was published Dec 9, 2021

Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration... Critical Unreviewed

CVE-2021-36330 was published Dec 1, 2021

An insufficient session expiration vulnerability exists in Business-DNA Solutions GmbH’s TopEase®... Critical Unreviewed

CVE-2021-42545 was published Dec 1, 2021

Insufficient Session Expiration in librenms/librenms Critical

CVE-2022-4070 was published for librenms/librenms (Composer) Nov 20, 2022

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 ... Critical Unreviewed

CVE-2022-24042 was published May 11, 2022

Cockpit before 2.2.0 vulnerable to Insufficient Session Expiration Critical

CVE-2022-2713 was published for aheinze/cockpit (Composer) Aug 9, 2022

In Factor (App Framework & Headless CMS) v1.0.4 to v1.8.30, improperly invalidate a user’s... Critical Unreviewed

CVE-2021-25985 was published May 24, 2022

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, the account associated with a web... Critical Unreviewed

CVE-2021-40849 was published May 24, 2022

An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and... Critical Unreviewed

CVE-2021-24019 was published May 24, 2022

Laravel Booking System Booking Core 2.0 is vulnerable to Session Management. A password change at... Critical Unreviewed

CVE-2021-37333 was published May 24, 2022

The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an... Critical Unreviewed

CVE-2021-38823 was published May 24, 2022

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x... Critical Unreviewed

CVE-2022-35728 was published Aug 5, 2022

DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. On... Critical Unreviewed

CVE-2020-35358 was published May 24, 2022

An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and... Critical Unreviewed

CVE-2020-6649 was published May 24, 2022

In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie... Critical Unreviewed

CVE-2020-29667 was published May 24, 2022

In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire... Critical Unreviewed

CVE-2020-27422 was published May 24, 2022

Previous 123 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

56 advisories