GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,266

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

227 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

This vulnerability allows the successful attacker to gain unauthorized access to a configuration... Critical Unreviewed

CVE-2024-13967 was published Jun 4, 2025

Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive... Low Unreviewed

CVE-2023-45718 was published Feb 10, 2024

An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can... High Unreviewed

CVE-2021-44151 was published Dec 14, 2021

Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie... Moderate Unreviewed

CVE-2022-30769 was published Nov 16, 2022

An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user... Moderate Unreviewed

CVE-2022-44788 was published Nov 22, 2022

A critical vulnerability was found in PHPGurukul User Registration & Login and User Management... Critical Unreviewed

CVE-2025-45949 was published Apr 28, 2025

A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change... Critical Unreviewed

CVE-2025-45953 was published Apr 28, 2025

This vulnerability exists in Meon KYC solutions due to improper handling of access and refresh... High Unreviewed

CVE-2025-42602 was published Apr 23, 2025

Improper session management in Elber REBLE310 Firmware v5.5.1.R , Equipment Model: REBLE310/RX10... Critical Unreviewed

CVE-2025-28238 was published Apr 18, 2025

Improper session management in the /login_ok.htm endpoint of DAEnetIP4 METO v1.25 allows... Critical Unreviewed

CVE-2025-28242 was published Apr 18, 2025

Session fixation vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack web... Critical Unreviewed

CVE-2017-12965 was published May 14, 2022

A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow... Moderate Unreviewed

CVE-2017-12225 was published May 13, 2022

An issue was discovered in Cloud Foundry Foundation Cloud Foundry release v252 and earlier... High Unreviewed

CVE-2017-4963 was published May 14, 2022

Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an... Moderate Unreviewed

CVE-2017-0892 was published May 13, 2022

Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session... Critical Unreviewed

CVE-2016-9125 was published May 13, 2022

Session fixation vulnerability in the forgot password mechanism in Revive Adserver before 4.0.1,... Moderate Unreviewed

CVE-2017-5831 was published May 17, 2022

An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could... High Unreviewed

CVE-2020-15679 was published Dec 22, 2022

Internet Starter, one of SoftCOM iKSORIS system modules, allows for setting an arbitrary session... Low Unreviewed

CVE-2024-49709 was published Apr 14, 2025

When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables... High Unreviewed

CVE-2025-0126 was published Apr 11, 2025

E-Mails exported as PDF were stored in a cache that did not consider specific session information... Moderate Unreviewed

CVE-2024-23193 was published May 6, 2024

Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to... High Unreviewed

CVE-2007-4188 was published May 1, 2022

In NetAdmin 4.0.30319, an attacker can steal a valid session cookie and inject it into another... High Unreviewed

CVE-2024-48955 was published Oct 29, 2024

The Service Layer in SAP Business One, allows attackers to potentially gain unauthorized access... Moderate Unreviewed

CVE-2025-26658 was published Mar 11, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed

CVE-2025-27661 was published Mar 5, 2025

IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages with Watson Assistant chat feature... Moderate Unreviewed

CVE-2024-49344 was published Feb 20, 2025

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

227 advisories