Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

251 advisories

Loading
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random... Critical Unreviewed
CVE-2023-2884 was published May 25, 2023
An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of... Moderate Unreviewed
CVE-2018-19441 was published May 24, 2022
The token generator in index.php in Centreon Web before 2.8.27 is predictable. Moderate Unreviewed
CVE-2019-17105 was published May 24, 2022
Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap... Critical Unreviewed
CVE-2019-2294 was published May 24, 2022
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include... Moderate Unreviewed
CVE-2019-1549 was published May 24, 2022
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while... Moderate Unreviewed
CVE-2019-12821 was published May 24, 2022
The doAirdrop function of a smart contract implementation for Primeo (PEO), an Ethereum token,... Moderate Unreviewed
CVE-2018-18425 was published May 24, 2022
gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which... Moderate Unreviewed
CVE-2019-11690 was published May 24, 2022
Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including... High Unreviewed
CVE-2019-11641 was published May 24, 2022
generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp... Critical Unreviewed
CVE-2014-6311 was published May 17, 2022
Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness Critical Unreviewed
CVE-2013-4102 was published May 5, 2022
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector... High Unreviewed
CVE-2020-11877 was published May 24, 2022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap... Moderate Unreviewed
CVE-2019-1010025 was published May 24, 2022
React Native Bluetooth Scan in Bluezone 1.0.0 uses six-character alphanumeric IDs, which might... Moderate Unreviewed
CVE-2020-12270 was published May 24, 2022
A vulnerability classified as problematic has been found in Poly CCX 400, CCX 600, Trio 8800 and... Low Unreviewed
CVE-2023-4462 was published Dec 29, 2023
@nfid/embed has compromised private key due to @dfinity/auth-client producing insecure session keys Critical
GHSA-84c3-j8r2-mcm8 was published for @nfid/embed (npm) Feb 26, 2024
MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compose filenames of uploaded... Moderate Unreviewed
CVE-2008-4929 was published May 17, 2022
The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy... Moderate Unreviewed
CVE-2008-5162 was published May 17, 2022
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses... High Unreviewed
CVE-2008-0087 was published May 1, 2022
The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0... Moderate Unreviewed
CVE-2009-0255 was published May 2, 2022
The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business... High Unreviewed
CVE-2008-2433 was published May 1, 2022
The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e... Moderate Unreviewed
CVE-2008-2020 was published May 1, 2022
agent-js: Insecure Key Generation in `Ed25519KeyIdentity.generate` Critical
CVE-2024-1631 was published for @dfinity/auth-client (npm) Feb 21, 2024
peterpeterparker krpeacock
Use of Insufficiently Random Values in github.com/greenpau/caddy-security Moderate
CVE-2024-21495 was published for github.com/greenpau/caddy-security (Go) Feb 17, 2024
Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it... Moderate Unreviewed
CVE-2008-4905 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database