GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
294 advisories
Filter by severity
In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack...
High
Unreviewed
CVE-2021-33322
was published
May 24, 2022
In ArangoDB, versions v3.7.6 through v3.8.3 are vulnerable to Insufficient Session Expiration....
High
Unreviewed
CVE-2021-25940
was published
May 24, 2022
In Factor (App Framework & Headless CMS) v1.0.4 to v1.8.30, improperly invalidate a user’s...
Critical
Unreviewed
CVE-2021-25985
was published
May 24, 2022
Camaleon CMS Insufficient Session Expiration vulnerability
High
CVE-2021-25970
was published
for
camaleon_cms
(RubyGems)
May 24, 2022
Token leases could outlive their TTL in HashiCorp Vault
Critical
CVE-2020-25816
was published
for
github.com/hashicorp/vault
(Go)
May 24, 2022
A vulnerability in the web-based management interface of multiple Cisco Small Business Series...
High
Unreviewed
CVE-2021-34739
was published
May 24, 2022
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, the account associated with a web...
Critical
Unreviewed
CVE-2021-40849
was published
May 24, 2022
IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to...
Moderate
Unreviewed
CVE-2021-29868
was published
May 24, 2022
The vulnerability can be described as a failure to invalidate user session upon password change....
Moderate
Unreviewed
CVE-2021-35214
was published
May 24, 2022
IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session...
Moderate
Unreviewed
CVE-2021-20473
was published
May 24, 2022
An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and...
Critical
Unreviewed
CVE-2021-24019
was published
May 24, 2022
The IceHrm 30.0.0 OS website was found vulnerable to Session Management Issue. A signout from an...
Critical
Unreviewed
CVE-2021-38823
was published
May 24, 2022
Laravel Booking System Booking Core 2.0 is vulnerable to Session Management. A password change at...
Critical
Unreviewed
CVE-2021-37333
was published
May 24, 2022
An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may...
Moderate
Unreviewed
CVE-2020-29012
was published
May 24, 2022
An insufficient session expiration vulnerability exists in the "Fish | Hunt FL" iOS app version 3...
High
Unreviewed
CVE-2021-33982
was published
May 24, 2022
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to...
High
Unreviewed
CVE-2021-39113
was published
May 24, 2022
The useradm service 1.14.0 (in Northern.tech Mender Enterprise 2.7.x before 2.7.1) and 1.13.0 (in...
High
Unreviewed
CVE-2021-35342
was published
May 24, 2022
Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor...
High
Unreviewed
CVE-2021-37156
was published
May 24, 2022
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after...
Moderate
Unreviewed
CVE-2021-20431
was published
May 24, 2022
An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine...
Moderate
Unreviewed
CVE-2021-26037
was published
May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not invalidate session after logout...
High
Unreviewed
CVE-2021-20378
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series...
High
Unreviewed
CVE-2021-1542
was published
May 24, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.10.5...
Moderate
Unreviewed
CVE-2021-22221
was published
May 24, 2022
In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where...
Low
Unreviewed
CVE-2021-22136
was published
May 24, 2022
A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software...
High
Unreviewed
CVE-2021-1501
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API