GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,266

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

92 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can... High Unreviewed

CVE-2021-44151 was published Dec 14, 2021

This vulnerability exists in Meon KYC solutions due to improper handling of access and refresh... High Unreviewed

CVE-2025-42602 was published Apr 23, 2025

An issue was discovered in Cloud Foundry Foundation Cloud Foundry release v252 and earlier... High Unreviewed

CVE-2017-4963 was published May 14, 2022

An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could... High Unreviewed

CVE-2020-15679 was published Dec 22, 2022

When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables... High Unreviewed

CVE-2025-0126 was published Apr 11, 2025

Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to... High Unreviewed

CVE-2007-4188 was published May 1, 2022

In NetAdmin 4.0.30319, an attacker can steal a valid session cookie and inject it into another... High Unreviewed

CVE-2024-48955 was published Oct 29, 2024

Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2. High Unreviewed

CVE-2022-31888 was published Apr 6, 2023

Mailcow through 2024-11b has a session fixation vulnerability in the web panel. It allows remote... High Unreviewed

CVE-2024-56529 was published Jan 29, 2025

An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video... High Unreviewed

CVE-2023-34656 was published Jun 29, 2023

A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7... High Unreviewed

CVE-2023-50176 was published Nov 12, 2024

The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a... High Unreviewed

CVE-2024-45368 was published Sep 13, 2024

An issue in Outline <= v0.76.1 allows attackers to execute a session hijacking attack via user... High Unreviewed

CVE-2024-37829 was published Jul 9, 2024

eQ-3 HomeMatic CCU3 firmware 3.41.11 allows session fixation. An attacker can create session IDs... High Unreviewed

CVE-2019-15849 was published May 24, 2022

A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on... High Unreviewed

CVE-2023-45687 was published Oct 16, 2023

Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows... High Unreviewed

CVE-2023-3711 was published Sep 12, 2023

Some access control products are vulnerable to a session hijacking attack because the product... High Unreviewed

CVE-2023-28809 was published Jun 15, 2023

A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to... High Unreviewed

CVE-2023-30056 was published May 9, 2023

An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due to errors in session... High Unreviewed

CVE-2022-44017 was published Dec 25, 2022

On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side... High Unreviewed

CVE-2020-5894 was published May 24, 2022

An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management... High Unreviewed

CVE-2020-11728 was published May 24, 2022

Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an... High Unreviewed

CVE-2019-11173 was published May 24, 2022

An internal product security audit discovered a session handling vulnerability in the web... High Unreviewed

CVE-2019-6161 was published May 24, 2022

A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core... High Unreviewed

CVE-2019-5406 was published May 24, 2022

On eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16, automatic login... High Unreviewed

CVE-2019-10120 was published May 24, 2022

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

92 advisories