Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

111 advisories

Loading
IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform... Moderate Unreviewed
CVE-2025-36040 was published Jul 31, 2025
An insufficient session expiration vulnerability [CWE-613] in FortiSandbox FortiSandbox version 4... Moderate Unreviewed
CVE-2024-27779 was published Jul 18, 2025
Insufficient Session Expiration vulnerability in ABB Lite Panel Pro.This issue affects Lite Panel... Moderate Unreviewed
CVE-2025-4407 was published Jun 30, 2025
An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0,... Moderate Unreviewed
CVE-2024-50562 was published Jun 10, 2025
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2025-25019 was published Jun 3, 2025
IBM Planning Analytics Local 2.0 and 2.1 does not invalidate session after a logout which could... Moderate Unreviewed
CVE-2025-33005 was published Jun 1, 2025
A vulnerability was found in Dígitro NGC Explorer up to 3.44.15 and classified as problematic.... Moderate Unreviewed
CVE-2025-4528 was published May 11, 2025
IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow... Moderate Unreviewed
CVE-2024-22351 was published Apr 24, 2025
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session... Moderate Unreviewed
CVE-2024-45651 was published Apr 18, 2025
IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7... Moderate Unreviewed
CVE-2024-49825 was published Apr 14, 2025
IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could... Moderate Unreviewed
CVE-2024-25051 was published Apr 2, 2025
A session management flaw in Nagios Network Analyzer 2024R1.0.3 allows an attacker to reuse... Moderate Unreviewed
CVE-2025-28132 was published Apr 1, 2025
Incorrect cookie session handling in WombatDialer before 25.02 results in the full session... Moderate Unreviewed
CVE-2024-57056 was published Feb 18, 2025
An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior... Moderate Unreviewed
CVE-2025-1198 was published Feb 13, 2025
: Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation... Moderate Unreviewed
CVE-2024-11627 was published Jan 7, 2025
Missing session invalidation after user deletion. The following products are affected: Acronis... Moderate Unreviewed
CVE-2024-56413 was published Jan 2, 2025
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles Moderate Unreviewed
CVE-2024-56351 was published Dec 20, 2024
A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic. Affected by... Moderate Unreviewed
CVE-2024-12667 was published Dec 16, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 17.4.5, 17... Moderate Unreviewed
CVE-2024-11668 was published Nov 26, 2024
IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for... Moderate Unreviewed
CVE-2024-35160 was published Nov 23, 2024
A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue... Moderate Unreviewed
CVE-2024-11208 was published Nov 14, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed
CVE-2024-46892 was published Nov 12, 2024
The logout operation in the CloudStack web interface does not expire the user session completely... Moderate Unreviewed
CVE-2024-45462 was published Oct 16, 2024
IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration.... Moderate Unreviewed
CVE-2024-46040 was published Oct 7, 2024
HCL Nomad is susceptible to an insufficient session expiration vulnerability.   Under certain... Moderate Unreviewed
CVE-2024-23586 was published Sep 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database