Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

47 advisories

Loading
Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm... High Unreviewed
CVE-2023-28395 was published Mar 28, 2023
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the... High Unreviewed
CVE-2021-22948 was published May 24, 2022
The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the... High Unreviewed
CVE-2022-0828 was published Apr 12, 2022
Ethyca Fides Cryptographically Weak Generation of One-Time Codes for Identity Verification High
CVE-2023-48224 was published for ethyca-fides (pip) Nov 16, 2023
RobertKeyser
Magento 2 Community Edition Weak PRNG High
CVE-2019-7860 was published for magento/community-edition (Composer) May 24, 2022
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag... High Unreviewed
CVE-2024-23660 was published Feb 8, 2024
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random... High Unreviewed
CVE-2008-0166 was published May 1, 2022
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows... High Unreviewed
CVE-2009-2367 was published May 2, 2022
Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver <... High Unreviewed
CVE-2019-5440 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator. High Unreviewed
CVE-2020-13784 was published May 24, 2022
Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator. High Unreviewed
CVE-2023-32549 was published Jun 6, 2023
The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6... High Unreviewed
CVE-2023-39910 was published Aug 9, 2023
The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using... High Unreviewed
CVE-2022-26943 was published Oct 19, 2023
An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate... High Unreviewed
CVE-2023-27791 was published Oct 19, 2023
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed ... High Unreviewed
CVE-2024-25389 was published Mar 27, 2024
Mateso PasswordSafe through 8.13.9.26689 has Weak Cryptography. High Unreviewed
CVE-2024-34538 was published May 6, 2024
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time... High Unreviewed
CVE-2016-10180 was published May 13, 2022
Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to... High Unreviewed
CVE-2021-34600 was published Jan 21, 2022
The goTenna Pro ATAK Plugin does not use SecureRandom when generating its cryptographic keys.... High Unreviewed
CVE-2024-45723 was published Sep 26, 2024
matrix-sydent and matrix-synapse Use Cryptographically Weak PRNG High
CVE-2019-11842 was published for matrix-sydent (pip) May 24, 2022
westonsteimel
The goTenna Pro series does not use SecureRandom when generating its cryptographic keys. The... High Unreviewed
CVE-2024-47126 was published Sep 26, 2024
Passeo uses insecure random number generator High
CVE-2022-23472 was published for Passeo (pip) Dec 6, 2022
Bluenix2 ArjunSharda
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database