GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
211 advisories
Filter by severity
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles
Moderate
Unreviewed
CVE-2024-56351
was published
Dec 20, 2024
A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic. Affected by...
Moderate
Unreviewed
CVE-2024-12667
was published
Dec 16, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 17.4.5, 17...
Moderate
Unreviewed
CVE-2024-11668
was published
Nov 26, 2024
IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for...
Moderate
Unreviewed
CVE-2024-35160
was published
Nov 23, 2024
A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue...
Moderate
Unreviewed
CVE-2024-11208
was published
Nov 14, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate
Unreviewed
CVE-2024-46892
was published
Nov 12, 2024
An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in...
Critical
Unreviewed
CVE-2021-35473
was published
Nov 11, 2024
The logout operation in the CloudStack web interface does not expire the user session completely...
Moderate
Unreviewed
CVE-2024-45462
was published
Oct 16, 2024
An issue in sbondCo Watcharr v.1.43.0 allows a remote attacker to execute arbitrary code and...
High
Unreviewed
CVE-2024-48827
was published
Oct 11, 2024
IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration....
Moderate
Unreviewed
CVE-2024-46040
was published
Oct 7, 2024
HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain...
Moderate
Unreviewed
CVE-2024-23586
was published
Sep 28, 2024
An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1...
Critical
Unreviewed
CVE-2024-8888
was published
Sep 18, 2024
IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which...
Moderate
Unreviewed
CVE-2024-38315
was published
Sep 16, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2)....
Moderate
Unreviewed
CVE-2024-32006
was published
Sep 10, 2024
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which...
Low
Unreviewed
CVE-2024-7998
was published
Aug 21, 2024
The Central Manager user session refresh token does not expire when a user logs out. Note:...
High
Unreviewed
CVE-2024-39809
was published
Aug 14, 2024
An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and...
Low
Unreviewed
CVE-2022-45862
was published
Aug 13, 2024
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10...
Moderate
Unreviewed
CVE-2022-38382
was published
Aug 13, 2024
IBM Aspera Orchestrator 4.0.1 does not invalidate session after a password change which could...
Moderate
Unreviewed
CVE-2023-26288
was published
Jul 30, 2024
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 uses...
Moderate
Unreviewed
CVE-2022-32759
was published
Jul 25, 2024
On versions before 2.1.4, session is not invalidated after logout. When the user logged in...
Critical
Unreviewed
CVE-2024-29070
was published
Jul 23, 2024
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or...
High
Unreviewed
CVE-2024-41827
was published
Jul 22, 2024
Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0...
High
Unreviewed
CVE-2024-27782
was published
Jul 9, 2024
KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1...
High
Unreviewed
CVE-2024-36041
was published
Jul 5, 2024
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The...
High
Unreviewed
CVE-2024-5995
was published
Jun 14, 2024
ProTip!
Advisories are also available from the
GraphQL API