Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+

111 advisories

Loading
TYPO3 is vulnerable to Insecure randomness in uniqid function Moderate
CVE-2010-3666 was published for typo3/cms-install (Composer) Apr 21, 2022
Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session.... Moderate Unreviewed
CVE-2024-23688 was published Jan 20, 2024
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Moderate Unreviewed
CVE-2022-20941 was published Nov 16, 2022
In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This... Moderate Unreviewed
CVE-2023-32831 was published Jan 2, 2024
Henschen & Associates court document management software does not sufficiently randomize file... Moderate Unreviewed
CVE-2023-6376 was published Nov 30, 2023
An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface... Moderate Unreviewed
CVE-2020-17470 was published May 24, 2022
golang.org/x/crypto/salsa20/salsa uses insufficiently random values Moderate
CVE-2019-11840 was published for golang.org/x/crypto (Go) May 24, 2022
In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values. Moderate Unreviewed
CVE-2022-1615 was published Sep 2, 2022
OrientDB Server Community Edition uses insufficiently random values to generate session IDs Moderate
CVE-2015-2913 was published for com.orientechnologies:orientdb-server (Maven) Oct 18, 2018
Cryptographically Weak PRNG in randomatic Moderate
CVE-2017-16028 was published for randomatic (npm) Oct 9, 2018
miekg/dns insecurely generates random numbers Moderate
CVE-2019-19794 was published for github.com/miekg/dns (Go) May 18, 2021
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All... Moderate Unreviewed
CVE-2021-25677 was published May 24, 2022
Fat Free CRM has fixed token value Moderate
CVE-2013-7222 was published for fat_free_crm (RubyGems) May 17, 2022
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23... Moderate Unreviewed
CVE-2022-26317 was published Mar 9, 2022
Insufficient Entropy in PHPServerMon PRNG Moderate
CVE-2021-4240 was published for phpservermon/phpservermon (Composer) Nov 16, 2022
PHPServerMon PRNG has Insufficient Entropy Moderate
CVE-2021-4241 was published for phpservermon/phpservermon (Composer) Nov 16, 2022
Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7... Moderate Unreviewed
CVE-2021-27499 was published May 24, 2022
Incorrect Calculation and Use of Insufficiently Random Values in Python Moderate Unreviewed
CVE-2020-14422 was published May 11, 2021
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the... Moderate Unreviewed
CVE-2023-20016 was published Feb 23, 2023
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39... Moderate Unreviewed
CVE-2023-22912 was published Jan 20, 2023
CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource,... Moderate Unreviewed
CVE-2022-22700 was published Mar 4, 2022
Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to... Moderate Unreviewed
CVE-2018-11045 was published May 14, 2022
An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares... Moderate Unreviewed
CVE-2018-19983 was published May 13, 2022
On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single... Moderate Unreviewed
CVE-2017-17910 was published May 13, 2022
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared... Moderate Unreviewed
CVE-2018-1279 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database