GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,975

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

120 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Sencore SMP100 SMP Media Platform (firmware versions V4.2.160, V60.1.4, V60.1.29) is... Moderate Unreviewed

CVE-2025-63226 was published Nov 18, 2025

When multiple server blocks are configured to share the same IP address and port, an attacker can... Moderate Unreviewed

CVE-2025-23419 was published Feb 5, 2025

Logout Functionality not Working.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1... Moderate Unreviewed

CVE-2025-12278 was published Oct 26, 2025

On affected platforms, if SSH session multiplexing was configured on the client side, SSH... Moderate Unreviewed

CVE-2025-54547 was published Oct 30, 2025

The TeleMessage service through 2025-05-05 implements authentication through a long-lived... Moderate Unreviewed

CVE-2025-48929 was published May 28, 2025

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL VPN 7.6.0 through 7.6.2... Moderate Unreviewed

CVE-2025-25252 was published Oct 14, 2025

A suspended or recently logged-out user could continue to interact with Blueframe until the time... Moderate Unreviewed

CVE-2025-46741 was published May 12, 2025

IBM Transformation Extender Advanced 10.0.1 does not invalidate session after logout which... Moderate Unreviewed

CVE-2023-49881 was published Oct 1, 2025

Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One prior to... Moderate Unreviewed

CVE-2025-10223 was published Sep 10, 2025

IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform... Moderate Unreviewed

CVE-2025-36040 was published Jul 31, 2025

An insufficient session expiration vulnerability [CWE-613] in FortiSandbox FortiSandbox version 4... Moderate Unreviewed

CVE-2024-27779 was published Jul 18, 2025

Insufficient Session Expiration vulnerability in ABB Lite Panel Pro.This issue affects Lite Panel... Moderate Unreviewed

CVE-2025-4407 was published Jun 30, 2025

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0,... Moderate Unreviewed

CVE-2024-50562 was published Jun 10, 2025

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed

CVE-2025-25019 was published Jun 3, 2025

IBM Planning Analytics Local 2.0 and 2.1 does not invalidate session after a logout which could... Moderate Unreviewed

CVE-2025-33005 was published Jun 1, 2025

devhub 0.102.0 was discovered to contain a broken session control. Moderate Unreviewed

CVE-2022-41542 was published Oct 17, 2022

A vulnerability was found in Dígitro NGC Explorer up to 3.44.15 and classified as problematic.... Moderate Unreviewed

CVE-2025-4528 was published May 11, 2025

IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow... Moderate Unreviewed

CVE-2024-22351 was published Apr 24, 2025

IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session... Moderate Unreviewed

CVE-2024-45651 was published Apr 18, 2025

IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7... Moderate Unreviewed

CVE-2024-49825 was published Apr 14, 2025

IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could... Moderate Unreviewed

CVE-2024-25051 was published Apr 2, 2025

A session management flaw in Nagios Network Analyzer 2024R1.0.3 allows an attacker to reuse... Moderate Unreviewed

CVE-2025-28132 was published Apr 1, 2025

Improper session management in the identity provider authentication flow in Devolutions Server... Moderate Unreviewed

CVE-2024-1900 was published Mar 6, 2024

A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an... Moderate Unreviewed

CVE-2024-20301 was published Mar 6, 2024

This disclosure regards a vulnerability related to UAA refresh tokens and external identity... Moderate Unreviewed

CVE-2023-20903 was published Mar 28, 2023

Previous1…5 Next

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

120 advisories