GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

80 advisories

A vulnerability was found in the 389 Directory Server that allows expired passwords to access the...
High | Unreviewed | CVE-2022-0996 was published Mar 24, 2022

The equipment grants a JWT token for each connection in the timeline, but during an active valid...
High | Unreviewed | CVE-2025-64386 was published Oct 31, 2025

Nagios Fusion versions prior to R2.1 contain a vulnerability due to the application not requiring...
High | Unreviewed | CVE-2025-34269 was published Oct 31, 2025

An insufficient session expiration vulnerability [CWE-613] and an incorrect authorization...
High | Unreviewed | CVE-2024-33507 was published Oct 14, 2025

Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows...
High | Unreviewed | CVE-2024-43685 was published Oct 4, 2024

Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car...
High | Unreviewed | CVE-2025-50486 was published Jul 28, 2025

Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online...
High | Unreviewed | CVE-2025-50485 was published Jul 28, 2025

Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM...
High | Unreviewed | CVE-2025-50484 was published Jul 28, 2025

Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood...
High | Unreviewed | CVE-2025-50487 was published Jul 28, 2025

Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank...
High | Unreviewed | CVE-2025-50491 was published Jul 28, 2025

Improper session invalidation in the component /library/change-password.php of PHPGurukul Online...
High | Unreviewed | CVE-2025-50488 was published Jul 28, 2025

HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain...
High | Unreviewed | CVE-2025-31952 was published Jul 24, 2025

MICROSENS NMP Web+ contain JSON Web Tokens (JWT) that do not expire, which could allow an...
High | Unreviewed | CVE-2025-49152 was published Jun 26, 2025

A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3),...
High | Unreviewed | CVE-2025-40566 was published May 13, 2025

ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software release 1.4.4 is...
High | Unreviewed | CVE-2025-2185 was published Apr 25, 2025

Due to improper JSON Web Tokens implementation an unauthenticated remote attacker can guess a...
High | Unreviewed | CVE-2021-47663 was published Apr 24, 2025

An access control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows deleted users to...
High | Unreviewed | CVE-2025-28059 was published Apr 18, 2025

OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote...
High | Unreviewed | CVE-2017-11667 was published May 13, 2022

An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK...
High | Unreviewed | CVE-2016-8712 was published May 13, 2022

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking...
High | Unreviewed | CVE-2017-6529 was published May 17, 2022

Insufficient Session Expiration vulnerability in Progress Software Corporation Sitefinity under...
High | Unreviewed | CVE-2025-1968 was published Apr 9, 2025

An issue was discovered in Archer Platform 6 before 2024.04. Authentication was mishandled...
High | Unreviewed | CVE-2024-34092 was published May 6, 2024

A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 ...
High | Unreviewed | CVE-2024-45386 was published Feb 11, 2025

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity...
High | Unreviewed | CVE-2025-22386 was published Jan 4, 2025

An issue in Ateme Flamingo XL v.3.6.20 and XS v.3.6.5 allows a remote authenticated attacker to...
High | Unreviewed | CVE-2023-36252 was published Jun 26, 2023