GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,498

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

59 advisories

Filter by severity

Sort by

Least recently updated

On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then... High Unreviewed

CVE-2021-22038 was published May 24, 2022

An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow... High Unreviewed

CVE-2021-26098 was published May 24, 2022

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password... High Unreviewed

CVE-2020-13860 was published May 24, 2022

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol... High Unreviewed

CVE-2020-27264 was published May 24, 2022

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon... High Unreviewed

CVE-2020-1472 was published May 24, 2022

airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector... High Unreviewed

CVE-2020-11877 was published May 24, 2022

CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of... High Unreviewed

CVE-2019-6821 was published May 24, 2022

Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including... High Unreviewed

CVE-2019-11641 was published May 24, 2022

Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which... High Unreviewed

CVE-2016-5085 was published May 17, 2022

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen... High Unreviewed

CVE-2017-7901 was published May 17, 2022

PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote... High Unreviewed

CVE-2017-10874 was published May 17, 2022

Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide... High Unreviewed

CVE-2022-30782 was published May 17, 2022

The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum... High Unreviewed

CVE-2018-17987 was published May 14, 2022

In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure... High Unreviewed

CVE-2019-1997 was published May 14, 2022

Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0. High Unreviewed

CVE-2018-20025 was published May 14, 2022

POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be... High Unreviewed

CVE-2018-15807 was published May 13, 2022

A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569... High Unreviewed

CVE-2017-17704 was published May 13, 2022

wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be... High Unreviewed

CVE-2017-17091 was published May 13, 2022

Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380... High Unreviewed

CVE-2017-15654 was published May 13, 2022

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the... High Unreviewed

CVE-2017-13082 was published May 13, 2022

Due to unencrypted signal communication and predictability of rolling codes, an attacker can ... High Unreviewed

CVE-2019-9860 was published May 13, 2022

The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the... High Unreviewed

CVE-2019-8919 was published May 13, 2022

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote attackers to... High Unreviewed

CVE-2013-6925 was published May 13, 2022

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x... High Unreviewed

CVE-2022-26071 was published May 6, 2022

account-recover.php in TorrentTrader Classic 1.09 chooses random passwords from an insufficiently... High Unreviewed

CVE-2009-2158 was published May 2, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

59 advisories