Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

382 advisories

Loading
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series... High Unreviewed
CVE-2021-1542 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not invalidate session after logout... High Unreviewed
CVE-2021-20378 was published May 24, 2022
An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine... Moderate Unreviewed
CVE-2021-26037 was published May 24, 2022
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after... Moderate Unreviewed
CVE-2021-20431 was published May 24, 2022
Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor... High Unreviewed
CVE-2021-37156 was published May 24, 2022
The useradm service 1.14.0 (in Northern.tech Mender Enterprise 2.7.x before 2.7.1) and 1.13.0 (in... High Unreviewed
CVE-2021-35342 was published May 24, 2022
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to... High Unreviewed
CVE-2021-39113 was published May 24, 2022
An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3... High Unreviewed
CVE-2021-33982 was published May 24, 2022
An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may... Moderate Unreviewed
CVE-2020-29012 was published May 24, 2022
The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an... Critical Unreviewed
CVE-2021-38823 was published May 24, 2022
Laravel Booking System Booking Core 2.0 is vulnerable to Session Management. A password change at... Critical Unreviewed
CVE-2021-37333 was published May 24, 2022
An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and... Critical Unreviewed
CVE-2021-24019 was published May 24, 2022
IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session... Moderate Unreviewed
CVE-2021-20473 was published May 24, 2022
The vulnerability can be described as a failure to invalidate user session upon password change.... Moderate Unreviewed
CVE-2021-35214 was published May 24, 2022
IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to... Moderate Unreviewed
CVE-2021-29868 was published May 24, 2022
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, the account associated with a web... Critical Unreviewed
CVE-2021-40849 was published May 24, 2022
A vulnerability in the web-based management interface of multiple Cisco Small Business Series... High Unreviewed
CVE-2021-34739 was published May 24, 2022
Token leases could outlive their TTL in HashiCorp Vault Critical
CVE-2020-25816 was published for github.com/hashicorp/vault (Go) May 24, 2022
Camaleon CMS Insufficient Session Expiration vulnerability High
CVE-2021-25970 was published for camaleon_cms (RubyGems) May 24, 2022
In Factor (App Framework & Headless CMS) v1.0.4 to v1.8.30, improperly invalidate a user’s... Critical Unreviewed
CVE-2021-25985 was published May 24, 2022
In ArangoDB, versions v3.7.6 through v3.8.3 are vulnerable to Insufficient Session Expiration.... High Unreviewed
CVE-2021-25940 was published May 24, 2022
Liferay Portal and Liferay DXP fails to invalidate password reset tokens after use High
CVE-2021-33322 was published for com.liferay.portal:com.liferay.portal.impl (Maven) May 24, 2022
In “Orchard core CMS” application, versions 1.0.0-beta1-3383 to 1.0.0 are vulnerable to an... High Unreviewed
CVE-2021-25966 was published May 24, 2022
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration... Moderate Unreviewed
CVE-2022-30277 was published Jun 3, 2022
Insufficient Session Expiration in NocoDB High
CVE-2022-2064 was published for nocodb (npm) Jun 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database