GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,498

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

80 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature... Moderate Unreviewed

CVE-2024-20331 was published Oct 23, 2024

Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection... Moderate Unreviewed

CVE-2024-6348 was published Aug 19, 2024

A vulnerability, which was classified as problematic, was found in projectsend up to r1605.... Moderate Unreviewed

CVE-2024-7659 was published Aug 12, 2024

Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow... Moderate Unreviewed

CVE-2024-42164 was published Aug 12, 2024

Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow... Moderate Unreviewed

CVE-2024-42165 was published Aug 12, 2024

The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up... Moderate Unreviewed

CVE-2024-5149 was published Jun 5, 2024

TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure... Moderate Unreviewed

CVE-2024-22473 was published Feb 21, 2024

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session.... Moderate Unreviewed

CVE-2024-23688 was published Jan 20, 2024

In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This... Moderate Unreviewed

CVE-2023-32831 was published Jan 2, 2024

Henschen & Associates court document management software does not sufficiently randomize file... Moderate Unreviewed

CVE-2023-6376 was published Nov 30, 2023

Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R... Moderate Unreviewed

CVE-2023-24478 was published Aug 15, 2023

Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow... Moderate Unreviewed

CVE-2022-43485 was published Jul 6, 2023

Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S,... Moderate Unreviewed

CVE-2022-26080 was published Jul 6, 2023

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the... Moderate Unreviewed

CVE-2023-20016 was published Feb 23, 2023

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39... Moderate Unreviewed

CVE-2023-22912 was published Jan 20, 2023

A vulnerability, which was classified as problematic, has been found in fredsmith utils. This... Moderate Unreviewed

CVE-2021-4277 was published Dec 25, 2022

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Moderate Unreviewed

CVE-2022-20941 was published Nov 16, 2022

A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1.... Moderate Unreviewed

CVE-2022-3959 was published Nov 11, 2022

An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which... Moderate Unreviewed

CVE-2022-44795 was published Nov 7, 2022

ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used... Moderate Unreviewed

CVE-2022-38970 was published Sep 27, 2022

In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values. Moderate Unreviewed

CVE-2022-1615 was published Sep 2, 2022

Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker... Moderate Unreviewed

CVE-2022-33707 was published Jul 13, 2022

The password reset token in CWP v0.9.8.1126 is generated using known or predictable values. Moderate Unreviewed

CVE-2022-25047 was published Jul 8, 2022

totd before 1.5.3 does not properly randomize mesg IDs. Moderate Unreviewed

CVE-2022-34295 was published Jun 24, 2022

A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All... Moderate Unreviewed

CVE-2021-37186 was published May 24, 2022

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

80 advisories