Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,633
Erlang
34
GitHub Actions
25
Go
2,241
Maven
5,000+
npm
3,902
NuGet
701
pip
3,669
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

324 advisories

Loading
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session... Moderate Unreviewed
CVE-2024-45651 was published Apr 18, 2025
IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7... Moderate Unreviewed
CVE-2024-49825 was published Apr 14, 2025
Mattermost Mobile Apps versions <=2.25.0  fail to terminate sessions during logout under certain... Low Unreviewed
CVE-2025-30516 was published Apr 14, 2025
A session management vulnerability exists in Apache Roller before version 6.1.5 where active user... Critical Unreviewed
CVE-2025-24859 was published Apr 14, 2025
Insufficient Session Expiration vulnerability in Progress Software Corporation Sitefinity under... High Unreviewed
CVE-2025-1968 was published Apr 9, 2025
IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could... Moderate Unreviewed
CVE-2024-25051 was published Apr 2, 2025
A session management flaw in Nagios Network Analyzer 2024R1.0.3 allows an attacker to reuse... Moderate Unreviewed
CVE-2025-28132 was published Apr 1, 2025
Session logout could be overwritten in Checkmk GmbH's Checkmk versions <2.3.0p30, <2.2.0p41, and... Low Unreviewed
CVE-2025-2596 was published Mar 26, 2025
Incorrect cookie session handling in WombatDialer before 25.02 results in the full session... Moderate Unreviewed
CVE-2024-57056 was published Feb 18, 2025
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior... Moderate Unreviewed
CVE-2025-1198 was published Feb 13, 2025
A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 ... High Unreviewed
CVE-2024-45386 was published Feb 11, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS... Critical Unreviewed
CVE-2025-24106 was published Jan 28, 2025
Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing... Critical Unreviewed
CVE-2024-13280 was published Jan 9, 2025
Apache Airflow Fab Provider Insufficient Session Expiration vulnerability Low
CVE-2024-45033 was published for apache-airflow-providers-fab (pip) Jan 8, 2025
: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation... Moderate Unreviewed
CVE-2024-11627 was published Jan 7, 2025
An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity... High Unreviewed
CVE-2025-22386 was published Jan 4, 2025
Missing session invalidation after user deletion. The following products are affected: Acronis... Moderate Unreviewed
CVE-2024-56413 was published Jan 2, 2025
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles Moderate Unreviewed
CVE-2024-56351 was published Dec 20, 2024
TShock Security Escalation Exploit High
GHSA-hvm9-wc8j-mgrc was published for TShock (NuGet) Dec 18, 2024
sgkoishi THEXN
A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic. Affected by... Moderate Unreviewed
CVE-2024-12667 was published Dec 16, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 17.4.5, 17... Moderate Unreviewed
CVE-2024-11668 was published Nov 26, 2024
IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for... Moderate Unreviewed
CVE-2024-35160 was published Nov 23, 2024
A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue... Moderate Unreviewed
CVE-2024-11208 was published Nov 14, 2024
Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin High
CVE-2024-52553 was published for org.jenkins-ci.plugins:oic-auth (Maven) Nov 13, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed
CVE-2024-46892 was published Nov 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database