GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
189 advisories
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version...
High | Unreviewed | CVE-2023-22601 was published Jan 13, 2023

Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web...
High | Unreviewed | CVE-2021-46010 was published Apr 1, 2022

randomUUID in Scala.js before 1.10.0 generates predictable values.
High | Unreviewed | CVE-2022-28355 was published Apr 3, 2022

An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS...
High | Unreviewed | CVE-2022-22517 was published Apr 8, 2022

The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the...
Critical | Unreviewed | CVE-2022-27577 was published Apr 12, 2022

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state...
Critical | Unreviewed | CVE-2022-26851 was published Apr 9, 2022

In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't...
Moderate | Unreviewed | CVE-2022-29035 was published Apr 12, 2022

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,...
Critical | Unreviewed | CVE-2022-25752 was published Apr 13, 2022

Prima Systems FlexAir devices allow unauthenticated download of the database configuration backup...
Critical | Unreviewed | CVE-2019-7667 was published May 24, 2022

SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value
Moderate | Unreviewed | CVE-2022-29930 was published May 13, 2022

kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's...
Moderate | Unreviewed | CVE-2018-1108 was published May 13, 2022

Multiple W&T products of the Comserver Series use a small number space for allocating sessions...
Critical | Unreviewed | CVE-2022-42787 was published Nov 10, 2022

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the...
Critical | Unreviewed | CVE-2021-20322 was published Feb 19, 2022

Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute...
Moderate | Unreviewed | CVE-2020-15023 was published May 24, 2022

ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values...
High | Unreviewed | CVE-2022-23138 was published Jun 10, 2022

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of...
Moderate | Unreviewed | CVE-2021-25444 was published May 24, 2022

Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of...
High | Unreviewed | CVE-2022-32284 was published Jul 5, 2022

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen...
High | Unreviewed | CVE-2017-7901 was published May 17, 2022

Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker...
Moderate | Unreviewed | CVE-2022-33707 was published Jul 13, 2022

totd before 1.5.3 does not properly randomize mesg IDs.
Moderate | Unreviewed | CVE-2022-34295 was published Jun 24, 2022

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT ...
Critical | Unreviewed | CVE-2022-26647 was published Jul 13, 2022

The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.
Moderate | Unreviewed | CVE-2022-25047 was published Jul 8, 2022

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, ...
Critical | Unreviewed | CVE-2020-35163 was published Jul 12, 2022

In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random...
Moderate | Unreviewed | CVE-2015-9019 was published May 17, 2022

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1...
High | Unreviewed | CVE-2022-30629 was published Aug 11, 2022