Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

248 advisories

Loading
Use of Insufficiently Random Values in penggle:kaptcha Critical
CVE-2018-18531 was published for com.github.penggle:kaptcha (Maven) Oct 23, 2018
Insecure randomness in socket.io High
CVE-2017-16031 was published for socket.io (npm) Nov 7, 2018
Improper random number generation in github.com/coredns/coredns Moderate
GHSA-gv9j-4w24-q7vx was published for github.com/coredns/coredns (Go) Mar 1, 2022
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version... High Unreviewed
CVE-2023-22601 was published Jan 13, 2023
Predictable CSRF tokens in centreon/centreon Moderate
CVE-2021-28055 was published for centreon/centreon (Composer) Jun 8, 2021
Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web... High Unreviewed
CVE-2021-46010 was published Apr 1, 2022
randomUUID in Scala.js before 1.10.0 generates predictable values. High Unreviewed
CVE-2022-28355 was published Apr 3, 2022
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS... High Unreviewed
CVE-2022-22517 was published Apr 8, 2022
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the... Critical Unreviewed
CVE-2022-27577 was published Apr 12, 2022
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state... Critical Unreviewed
CVE-2022-26851 was published Apr 9, 2022
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't... Moderate Unreviewed
CVE-2022-29035 was published Apr 12, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... Critical Unreviewed
CVE-2022-25752 was published Apr 13, 2022
Prima Systems FlexAir devices allow unauthenticated download of the database configuration backup... Critical Unreviewed
CVE-2019-7667 was published May 24, 2022
SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value Moderate Unreviewed
CVE-2022-29930 was published May 13, 2022
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's... Moderate Unreviewed
CVE-2018-1108 was published May 13, 2022
Multiple W&T products of the Comserver Series use a small number space for allocating sessions... Critical Unreviewed
CVE-2022-42787 was published Nov 10, 2022
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the... Critical Unreviewed
CVE-2021-20322 was published Feb 19, 2022
Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute... Moderate Unreviewed
CVE-2020-15023 was published May 24, 2022
Weak private key generation in SSH.NET Moderate
CVE-2022-29245 was published for SSH.NET (NuGet) Jun 1, 2022
yaumn-synacktiv
ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values... High Unreviewed
CVE-2022-23138 was published Jun 10, 2022
An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of... Moderate Unreviewed
CVE-2021-25444 was published May 24, 2022
Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of... High Unreviewed
CVE-2022-32284 was published Jul 5, 2022
A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen... High Unreviewed
CVE-2017-7901 was published May 17, 2022
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker... Moderate Unreviewed
CVE-2022-33707 was published Jul 13, 2022
totd before 1.5.3 does not properly randomize mesg IDs. Moderate Unreviewed
CVE-2022-34295 was published Jun 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database