GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,991
Composer 4,876
Erlang 37
GitHub Actions 36
Go 2,521
Maven 5,974
npm 4,167
NuGet 741
pip 3,963
Pub 12
RubyGems 946
Rust 1,028
Swift 39

Unreviewed advisories

All unreviewed 271,048

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

254 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

CISA Thorium does not properly invalidate previously used tokens when resetting passwords. An... Low Unreviewed

CVE-2025-35433 was published Sep 17, 2025

Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One prior to... Moderate Unreviewed

CVE-2025-10223 was published Sep 10, 2025

Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows... High Unreviewed

CVE-2024-43685 was published Oct 4, 2024

Session logout could be overwritten in Checkmk GmbH's Checkmk versions <2.3.0p30, <2.2.0p41, and... Low Unreviewed

CVE-2025-2596 was published Mar 26, 2025

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=... Low Unreviewed

CVE-2024-41985 was published Aug 12, 2025

IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform... Moderate Unreviewed

CVE-2025-36040 was published Jul 31, 2025

Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online... High Unreviewed

CVE-2025-50485 was published Jul 28, 2025

Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car... High Unreviewed

CVE-2025-50486 was published Jul 28, 2025

Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood... High Unreviewed

CVE-2025-50487 was published Jul 28, 2025

Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM... High Unreviewed

CVE-2025-50484 was published Jul 28, 2025

Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank... High Unreviewed

CVE-2025-50491 was published Jul 28, 2025

Improper session invalidation in the component /library/change-password.php of PHPGurukul Online... High Unreviewed

CVE-2025-50488 was published Jul 28, 2025

HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain... High Unreviewed

CVE-2025-31952 was published Jul 24, 2025

An insufficient session expiration vulnerability [CWE-613] in FortiSandbox FortiSandbox version 4... Moderate Unreviewed

CVE-2024-27779 was published Jul 18, 2025

On versions before 2.1.4, session is not invalidated after logout. When the user logged in... Critical Unreviewed

CVE-2024-29070 was published Jul 23, 2024

Insufficient Session Expiration vulnerability in ABB Lite Panel Pro.This issue affects Lite Panel... Moderate Unreviewed

CVE-2025-4407 was published Jun 30, 2025

MICROSENS NMP Web+ contain JSON Web Tokens (JWT) that do not expire, which could allow an... High Unreviewed

CVE-2025-49152 was published Jun 26, 2025

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0,... Moderate Unreviewed

CVE-2024-50562 was published Jun 10, 2025

A session management vulnerability exists in Apache Roller before version 6.1.5 where active user... Critical Unreviewed

CVE-2025-24859 was published Apr 14, 2025

Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive... Low Unreviewed

CVE-2023-45718 was published Feb 10, 2024

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed

CVE-2025-25019 was published Jun 3, 2025

IBM Planning Analytics Local 2.0 and 2.1 does not invalidate session after a logout which could... Moderate Unreviewed

CVE-2025-33005 was published Jun 1, 2025

Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not... Low Unreviewed

CVE-2025-0138 was published May 14, 2025

devhub 0.102.0 was discovered to contain a broken session control. Moderate Unreviewed

CVE-2022-41542 was published Oct 17, 2022

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3),... High Unreviewed

CVE-2025-40566 was published May 13, 2025

Previous1…11 Next

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

254 advisories