Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

132 advisories

Loading
Magento Insufficient Session Expiration Moderate
CVE-2021-21031 was published for magento/community-edition (Composer) May 24, 2022
Magento Insufficient Session Expiration Moderate
CVE-2021-21032 was published for magento/community-edition (Composer) May 24, 2022
: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation... Moderate Unreviewed
CVE-2024-11627 was published Jan 7, 2025
Missing session invalidation after user deletion. The following products are affected: Acronis... Moderate Unreviewed
CVE-2024-56413 was published Jan 2, 2025
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles Moderate Unreviewed
CVE-2024-56351 was published Dec 20, 2024
A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic. Affected by... Moderate Unreviewed
CVE-2024-12667 was published Dec 16, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 17.4.5, 17... Moderate Unreviewed
CVE-2024-11668 was published Nov 26, 2024
Mage AI incorrectly gives privileges to users with deleted accounts Moderate
CVE-2024-45187 was published for mage-ai (pip) Aug 23, 2024
IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for... Moderate Unreviewed
CVE-2024-35160 was published Nov 23, 2024
A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue... Moderate Unreviewed
CVE-2024-11208 was published Nov 14, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed
CVE-2024-46892 was published Nov 12, 2024
cskefu v7 suffers from Insufficient Session Expiration, which allows attackers to exploit the old... Moderate Unreviewed
CVE-2024-29402 was published Apr 17, 2024
IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration.... Moderate Unreviewed
CVE-2024-46040 was published Oct 7, 2024
The MFA management features did not properly terminate existing user sessions when a user's MFA... Moderate Unreviewed
CVE-2024-21722 was published Feb 29, 2024
Umbraco CMS logout page displayed before session expiration Moderate
CVE-2024-48926 was published for Umbraco.CMS (NuGet) Oct 22, 2024
TRexStark
The logout operation in the CloudStack web interface does not expire the user session completely... Moderate Unreviewed
CVE-2024-45462 was published Oct 16, 2024
OctoPrint vulnerable to Insufficient Session Expiration. Moderate
CVE-2022-2888 was published for OctoPrint (pip) Sep 22, 2022
HCL Nomad is susceptible to an insufficient session expiration vulnerability.   Under certain... Moderate Unreviewed
CVE-2024-23586 was published Sep 28, 2024
incomplete JupyterHub logout with simultaneous JupyterLab sessions Moderate
CVE-2021-41247 was published for jupyterhub (pip) Nov 8, 2021
fritterhoff
IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which... Moderate Unreviewed
CVE-2024-38315 was published Sep 16, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2).... Moderate Unreviewed
CVE-2024-32006 was published Sep 10, 2024
An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in... Moderate Unreviewed
CVE-2024-36523 was published Jun 12, 2024
An issue was discovered in Linksys Router E1700 1.0.04 (build 3), allows authenticated attackers... Moderate Unreviewed
CVE-2024-22543 was published Feb 27, 2024
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10... Moderate Unreviewed
CVE-2022-38382 was published Aug 13, 2024
IBM Aspera Orchestrator 4.0.1 does not invalidate session after a password change which could... Moderate Unreviewed
CVE-2023-26288 was published Jul 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database