GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
38 advisories
Filter by severity
Magento Insufficient Session Expiration
Moderate
CVE-2021-21031
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento Insufficient Session Expiration
Moderate
CVE-2021-21032
was published
for
magento/community-edition
(Composer)
May 24, 2022
Microweber Insufficient Session Expiry
Moderate
CVE-2020-23136
was published
for
microweber/microweber
(Composer)
May 24, 2022
Keycloak Insufficient Session Expiry
Moderate
CVE-2020-1724
was published
for
org.keycloak:keycloak-core
(Maven)
May 24, 2022
Symfony DoS
Moderate
CVE-2018-11386
was published
for
symfony/http-foundation
(Composer)
May 14, 2022
SimpleSAMLphp Invalid token creation and validation
Moderate
CVE-2017-12867
was published
for
simplesamlphp/simplesamlphp
(Composer)
May 13, 2022
Use of a Key Past its Expiration Date and Insufficient Session Expiration in Maddy Mail Server
Moderate
CVE-2022-24732
was published
for
github.com/foxcpp/maddy
(Go)
Mar 7, 2022
Insufficient Session Expiration in Apache NiFi Registry
Moderate
CVE-2020-9482
was published
for
org.apache.nifi.registry:nifi-registry-web-api
(Maven)
Feb 9, 2022
Insufficient Session Expiration in Pterodactyl API
Moderate
GHSA-7v3x-h7r2-34jv
was published
for
pterodactyl/panel
(Composer)
Jan 21, 2022
incomplete JupyterHub logout with simultaneous JupyterLab sessions
Moderate
CVE-2021-41247
was published
for
jupyterhub
(pip)
Nov 8, 2021
Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net Standard
Moderate
CVE-2020-8867
was published
for
OPCFoundation.NetStandard.Opc.Ua
(NuGet)
Aug 2, 2021
Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19
Moderate
CVE-2021-31408
was published
for
com.vaadin:vaadin-bom
(Maven)
Apr 22, 2021
aiohttp-session creates non-expiring sessions
Moderate
CVE-2018-1000814
was published
for
aiohttp-session
(pip)
Dec 20, 2018
ProTip!
Advisories are also available from the
GraphQL API