Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

295 advisories

Loading
An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN 8TX, FL NAT SMN 8TX-M, and... High Unreviewed
CVE-2019-9744 was published May 14, 2022
Session Fixation in Jenkins Moderate
CVE-2018-1000409 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Session fixation vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack web... Critical Unreviewed
CVE-2017-12965 was published May 14, 2022
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation... High Unreviewed
CVE-2015-5384 was published May 14, 2022
VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote... Critical Unreviewed
CVE-2019-5523 was published May 14, 2022
The console login resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before... High Unreviewed
CVE-2017-18105 was published May 14, 2022
Symfony Session Fixation Vulnerability High
CVE-2018-11385 was published for symfony/security (Composer) May 14, 2022
Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before... High Unreviewed
CVE-2018-20238 was published May 14, 2022
DbNinja 3.2.7 allows session fixation via the data.php sessid parameter. Critical Unreviewed
CVE-2019-7747 was published May 14, 2022
Session fixation exists in ZoneMinder through 1.32.3, as an attacker can fixate his own session... High Unreviewed
CVE-2019-7350 was published May 14, 2022
Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as... Critical Unreviewed
CVE-2018-18925 was published May 14, 2022
A Session Fixation issue was discovered in Bigtree before 4.2.24. admin.php accepts a user... Moderate Unreviewed
CVE-2018-18380 was published May 14, 2022
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the password... High Unreviewed
CVE-2018-9082 was published May 14, 2022
Session Fixation in the web application for TerraMaster TOS version 3.1.03 allows attackers to... Moderate Unreviewed
CVE-2018-13337 was published May 14, 2022
Symfony Session Fixation Vulnerability Low
CVE-2015-8124 was published for symfony/security (Composer) May 14, 2022
An issue was discovered in WonderCMS before 2.5.2. An attacker can create a new session on a web... High Unreviewed
CVE-2018-14387 was published May 14, 2022
Jenkins SAML Plugin Session Fixation vulnerability Moderate
CVE-2018-1000602 was published for org.jenkins-ci.plugins:saml (Maven) May 14, 2022
CodeIgniter Session Fixation Vulnerability Critical
CVE-2018-12071 was published for codeigniter/framework (Composer) May 14, 2022
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel... Critical Unreviewed
CVE-2018-11714 was published May 14, 2022
** DISPUTED ** Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused... Moderate Unreviewed
CVE-2018-11567 was published May 14, 2022
SimpleSAMLphp Session fixation issue and authentication bypass in the authcrypt module Critical
CVE-2017-12868 was published for simplesamlphp/simplesamlphp (Composer) May 14, 2022
Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at... High Unreviewed
CVE-2018-11474 was published May 14, 2022
Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1... High Unreviewed
CVE-2018-11475 was published May 14, 2022
ClipperCMS 1.3.3 allows Session Fixation. High Unreviewed
CVE-2018-11571 was published May 14, 2022
An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. The admin login session... High Unreviewed
CVE-2018-10252 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database