Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
902
Swift
38
Unreviewed advisories
All unreviewed
5,000+

313 advisories

Loading
Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging... Low Unreviewed
CVE-2022-22283 was published Jan 11, 2022
Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side... High Unreviewed
CVE-2021-37866 was published Jan 19, 2022
Apostrophe CMS Insufficient Session Expiration vulnerability Critical
CVE-2021-25979 was published for apostrophe (npm) Nov 10, 2021
In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session... High Unreviewed
CVE-2022-22113 was published Jan 14, 2022
A CWE-614 Insufficient Session Expiration vulnerability exists that could allow an attacker to... Critical Unreviewed
CVE-2021-22820 was published Jan 29, 2022
In Ifme, versions 1.0.0 to v.7.33.2 don’t properly invalidate a user’s session even after the... Critical Unreviewed
CVE-2021-25992 was published Feb 11, 2022
In JetBrains TeamCity before 2021.2.1, editing a user account to change its password didn't... High Unreviewed
CVE-2022-24341 was published Feb 26, 2022
IBM MQ Appliance 9.2 CD and 9.2 LTS does not invalidate session after logout which could allow an... Moderate Unreviewed
CVE-2021-38986 was published Mar 2, 2022
In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie. Moderate Unreviewed
CVE-2022-24332 was published Feb 26, 2022
Use of a Key Past its Expiration Date and Insufficient Session Expiration in Maddy Mail Server Moderate
CVE-2022-24732 was published for github.com/foxcpp/maddy (Go) Mar 7, 2022
ysf
Insufficient Session Expiration in Jenkins Azure AD Plugin High
CVE-2023-24426 was published for org.jenkins-ci.plugins:azure-ad (Maven) Jan 26, 2023
TYPO3 vulnerable to Insufficient Session Expiration Critical
CVE-2022-47406 was published for derhansen/fe_change_pwd (Composer) Dec 14, 2022
A flaw was found in the CloudForms account configuration when using VMware. By default, a shared... High Unreviewed
CVE-2017-12191 was published May 13, 2022
FlyteAdmin Insufficient AccessToken Expiration Check Moderate
CVE-2022-31145 was published for github.com/flyteorg/flyteadmin (Go) Jul 15, 2022
mayitbeegh
SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration... Moderate Unreviewed
CVE-2022-34392 was published Feb 11, 2023
Gitaly Insufficient Session Expiration vulnerability Low
CVE-2020-13353 was published for gitaly (RubyGems) May 24, 2022
Camaleon CMS Insufficient Session Expiration vulnerability High
CVE-2021-25970 was published for camaleon_cms (RubyGems) May 24, 2022
An insufficient session expiration vulnerability exists in the ArubaOS command line interface.... Low Unreviewed
CVE-2023-22771 was published Mar 1, 2023
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10... Critical Unreviewed
CVE-2022-48317 was published Feb 20, 2023
Answer vulnerable to Insufficient Session Expiration High
CVE-2023-1543 was published for github.com/answerdev/answer (Go) Mar 21, 2023
IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user... Low Unreviewed
CVE-2023-22591 was published Mar 15, 2023
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the ... Moderate Unreviewed
CVE-2022-30699 was published Aug 2, 2022
NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ... Moderate Unreviewed
CVE-2022-30698 was published Aug 2, 2022
HashiCorp Nomad vulnerable to Insufficient Session Expiration Low
CVE-2022-3867 was published for github.com/hashicorp/nomad (Go) Nov 10, 2022
tdunlap607
Firefly III insufficiently expires sessions Moderate
CVE-2023-1788 was published for grumpydictator/firefly-iii (Composer) Apr 5, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database