GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,189
Erlang: 31
GitHub Actions: 19
Go: 1,985
Maven: 5,000+
npm: 3,701
NuGet: 657
pip: 3,326
Pub: 11
RubyGems: 882
Rust: 836
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
59 advisories

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version...
High, Unreviewed: CVE-2023-22601 was published Jan 13, 2023

Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web...
High, Unreviewed: CVE-2021-46010 was published Apr 1, 2022

randomUUID in Scala.js before 1.10.0 generates predictable values.
High, Unreviewed: CVE-2022-28355 was published Apr 3, 2022

An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS...
High, Unreviewed: CVE-2022-22517 was published Apr 8, 2022

ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values...
High, Unreviewed: CVE-2022-23138 was published Jun 10, 2022

Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of...
High, Unreviewed: CVE-2022-32284 was published Jul 5, 2022

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen...
High, Unreviewed: CVE-2017-7901 was published May 17, 2022

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1...
High, Unreviewed: CVE-2022-30629 was published Aug 11, 2022

Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which...
High, Unreviewed: CVE-2016-5085 was published May 17, 2022

CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of...
High, Unreviewed: CVE-2019-6821 was published May 24, 2022

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password...
High, Unreviewed: CVE-2020-13860 was published May 24, 2022

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol...
High, Unreviewed: CVE-2020-27264 was published May 24, 2022

An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow...
High, Unreviewed: CVE-2021-26098 was published May 24, 2022

In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation...
High, Unreviewed: CVE-2022-29808 was published Aug 3, 2022

A vulnerability has been found in Morgawr Muon 0.1.1 and classified as problematic. Affected by...
High, Unreviewed: CVE-2019-25089 was published Dec 27, 2022

Persistent platform private key may not be protected with a random IV leading to a potential “two...
High, Unreviewed: CVE-2021-26322 was published May 24, 2022

On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then...
High, Unreviewed: CVE-2021-22038 was published May 24, 2022

Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017...
High, Unreviewed: CVE-2017-5242 was published Jan 13, 2023

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
High, Unreviewed: CVE-2022-26071 was published May 6, 2022

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote attackers to...
High, Unreviewed: CVE-2013-6925 was published May 13, 2022

The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the...
High, Unreviewed: CVE-2019-8919 was published May 13, 2022

Due to unencrypted signal communication and predictability of rolling codes, an attacker can ...
High, Unreviewed: CVE-2019-9860 was published May 13, 2022

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the...
High, Unreviewed: CVE-2017-13082 was published May 13, 2022

Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380...
High, Unreviewed: CVE-2017-15654 was published May 13, 2022

wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be...
High, Unreviewed: CVE-2017-17091 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.