Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

34 advisories

Loading
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on... Moderate Unreviewed
CVE-2024-39734 was published Jul 14, 2024
Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics... Critical Unreviewed
CVE-2024-0947 was published Jun 27, 2024
The application suffers from a privilege escalation vulnerability. An attacker logged in as... High Unreviewed
CVE-2024-22186 was published Apr 19, 2024
The device allows an unauthenticated attacker to bypass authentication and modify the cookie to... High Unreviewed
CVE-2024-21872 was published Apr 19, 2024
The website configured in the URL widget will receive a session cookie when testing or executing... High Unreviewed
CVE-2023-32725 was published Dec 22, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Session management within the web application is... Critical Unreviewed
CVE-2023-41084 was published Sep 18, 2023
CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. Critical Unreviewed
CVE-2023-35885 was published Jun 20, 2023
Reliance on Cookies without Validation and Integrity Checking in a Security Decision... Critical Unreviewed
CVE-2023-3050 was published Jun 13, 2023
All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without... Moderate Unreviewed
CVE-2022-3083 was published Feb 1, 2023
UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning. Critical Unreviewed
CVE-2022-38297 was published Sep 13, 2022
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a... Moderate Unreviewed
CVE-2022-2615 was published Aug 13, 2022
IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a... High Unreviewed
CVE-2022-35284 was published Jul 26, 2022
Textpattern CMS v4.8.7 and older vulnerability exists through Sensitive Cookie in HTTPS Session... Moderate Unreviewed
CVE-2021-40642 was published Jun 30, 2022
A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This... High Unreviewed
CVE-2016-15002 was published Jun 10, 2022
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain... Critical Unreviewed
CVE-2021-28171 was published May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for... Moderate Unreviewed
CVE-2019-4330 was published May 24, 2022
Linear eMerge 50P/5000P devices allow Authentication Bypass. Critical Unreviewed
CVE-2019-7266 was published May 24, 2022
Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware... High Unreviewed
CVE-2021-33842 was published May 24, 2022
DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The... Critical Unreviewed
CVE-2021-29012 was published May 24, 2022
When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re... Moderate Unreviewed
CVE-2020-26955 was published May 24, 2022
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is... Moderate Unreviewed
CVE-2020-7070 was published May 24, 2022
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2019-4305 was published May 24, 2022
The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0... Critical Unreviewed
CVE-2022-22785 was published May 19, 2022
V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypass authentication and gain... High Unreviewed
CVE-2008-5784 was published May 17, 2022
PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access... Critical Unreviewed
CVE-2018-5190 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API