Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

132 advisories

Loading
Insufficient Session Expiration in TYPO3's Admin Tool Moderate
CVE-2022-31050 was published for typo3/cms (Composer) Jun 17, 2022
waldhacker1 ohader
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration... Moderate Unreviewed
CVE-2022-30277 was published Jun 3, 2022
IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to... Moderate Unreviewed
CVE-2021-29868 was published May 24, 2022
The vulnerability can be described as a failure to invalidate user session upon password change.... Moderate Unreviewed
CVE-2021-35214 was published May 24, 2022
IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session... Moderate Unreviewed
CVE-2021-20473 was published May 24, 2022
An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may... Moderate Unreviewed
CVE-2020-29012 was published May 24, 2022
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after... Moderate Unreviewed
CVE-2021-20431 was published May 24, 2022
An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine... Moderate Unreviewed
CVE-2021-26037 was published May 24, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.10.5... Moderate Unreviewed
CVE-2021-22221 was published May 24, 2022
A vulnerability was found in the Quay web application. Sessions in the Quay web application never... Moderate Unreviewed
CVE-2019-3867 was published May 24, 2022
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through... Moderate Unreviewed
CVE-2021-27351 was published May 24, 2022
Magento Insufficient Session Expiration Moderate
CVE-2021-21031 was published for magento/community-edition (Composer) May 24, 2022
Magento Insufficient Session Expiration Moderate
CVE-2021-21032 was published for magento/community-edition (Composer) May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 does not invalidate session after logout... Moderate Unreviewed
CVE-2020-4995 was published May 24, 2022
HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could... Moderate Unreviewed
CVE-2020-14247 was published May 24, 2022
IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could... Moderate Unreviewed
CVE-2020-4696 was published May 24, 2022
Microweber Insufficient Session Expiry Moderate
CVE-2020-23136 was published for microweber/microweber (Composer) May 24, 2022
CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers to discover internal... Moderate Unreviewed
CVE-2020-25374 was published May 24, 2022
The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS... Moderate Unreviewed
CVE-2020-1666 was published May 24, 2022
IBM Security Access Manager Appliance 9.0.7 does not invalidate session after logout which could... Moderate Unreviewed
CVE-2020-4395 was published May 24, 2022
OOTB build scripts does not set the secure attribute on session cookie which may impact IBM Curam... Moderate Unreviewed
CVE-2020-4780 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. Because of implicitly remembered... Moderate Unreviewed
CVE-2020-15774 was published May 24, 2022
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The... Moderate Unreviewed
CVE-2020-13299 was published May 24, 2022
When an agent user is renamed or set to invalid the session belonging to the user is keept active... Moderate Unreviewed
CVE-2020-1776 was published May 24, 2022
OpenVPN Access Server older than version 2.8.4 generates new user authentication tokens instead... Moderate Unreviewed
CVE-2020-15074 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database