GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
80 advisories
A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature...
Moderate | Unreviewed | CVE-2024-20331 was published Oct 23, 2024

TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure...
Moderate | Unreviewed | CVE-2024-22473 was published Feb 21, 2024

Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow...
Moderate | Unreviewed | CVE-2024-42164 was published Aug 12, 2024

Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection...
Moderate | Unreviewed | CVE-2024-6348 was published Aug 19, 2024

A vulnerability, which was classified as problematic, was found in projectsend up to r1605....
Moderate | Unreviewed | CVE-2024-7659 was published Aug 12, 2024

Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow...
Moderate | Unreviewed | CVE-2024-42165 was published Aug 12, 2024

The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up...
Moderate | Unreviewed | CVE-2024-5149 was published Jun 5, 2024

Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S,...
Moderate | Unreviewed | CVE-2022-26080 was published Jul 6, 2023

Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R...
Moderate | Unreviewed | CVE-2023-24478 was published Aug 15, 2023

Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow...
Moderate | Unreviewed | CVE-2022-43485 was published Jul 6, 2023

An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of...
Moderate | Unreviewed | CVE-2018-19441 was published May 24, 2022

The token generator in index.php in Centreon Web before 2.8.27 is predictable.
Moderate | Unreviewed | CVE-2019-17105 was published May 24, 2022

OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include...
Moderate | Unreviewed | CVE-2019-1549 was published May 24, 2022

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while...
Moderate | Unreviewed | CVE-2019-12821 was published May 24, 2022

The doAirdrop function of a smart contract implementation for Primeo (PEO), an Ethereum token,...
Moderate | Unreviewed | CVE-2018-18425 was published May 24, 2022

gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which...
Moderate | Unreviewed | CVE-2019-11690 was published May 24, 2022

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap...
Moderate | Unreviewed | CVE-2019-1010025 was published May 24, 2022

React Native Bluetooth Scan in Bluezone 1.0.0 uses six-character alphanumeric IDs, which might...
Moderate | Unreviewed | CVE-2020-12270 was published May 24, 2022

The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy...
Moderate | Unreviewed | CVE-2008-5162 was published May 17, 2022

MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compose filenames of uploaded...
Moderate | Unreviewed | CVE-2008-4929 was published May 17, 2022

The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0...
Moderate | Unreviewed | CVE-2009-0255 was published May 2, 2022

The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e...
Moderate | Unreviewed | CVE-2008-2020 was published May 1, 2022

Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it...
Moderate | Unreviewed | CVE-2008-4905 was published May 17, 2022

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session....
Moderate | Unreviewed | CVE-2024-23688 was published Jan 20, 2024

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)...
Moderate | Unreviewed | CVE-2022-20941 was published Nov 16, 2022