GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
40 advisories
Filter by severity
The goTenna Pro ATAK Plugin does not use SecureRandom when generating
its cryptographic keys....
High
Unreviewed
CVE-2024-45723
was published
Sep 26, 2024
The goTenna Pro series does not use SecureRandom when generating its cryptographic keys. The...
High
Unreviewed
CVE-2024-47126
was published
Sep 26, 2024
Mateso PasswordSafe through 8.13.9.26689 has Weak Cryptography.
High
Unreviewed
CVE-2024-34538
was published
May 6, 2024
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed ...
High
Unreviewed
CVE-2024-25389
was published
Mar 27, 2024
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag...
High
Unreviewed
CVE-2024-23660
was published
Feb 8, 2024
An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate...
High
Unreviewed
CVE-2023-27791
was published
Oct 19, 2023
The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using...
High
Unreviewed
CVE-2022-26943
was published
Oct 19, 2023
The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6...
High
Unreviewed
CVE-2023-39910
was published
Aug 9, 2023
Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator.
High
Unreviewed
CVE-2023-32549
was published
Jun 6, 2023
Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm...
High
Unreviewed
CVE-2023-28395
was published
Mar 28, 2023
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can...
High
Unreviewed
CVE-2022-40769
was published
Sep 19, 2022
OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token...
High
Unreviewed
CVE-2022-33738
was published
Jul 7, 2022
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to...
High
Unreviewed
CVE-2022-20817
was published
Jun 16, 2022
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the...
High
Unreviewed
CVE-2021-22948
was published
May 24, 2022
In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used.
High
Unreviewed
CVE-2021-37553
was published
May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator.
High
Unreviewed
CVE-2020-13784
was published
May 24, 2022
Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver <...
High
Unreviewed
CVE-2019-5440
was published
May 24, 2022
An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs...
High
Unreviewed
CVE-2017-17845
was published
May 14, 2022
** DISPUTED ** The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology...
High
Unreviewed
CVE-2017-9230
was published
May 14, 2022
The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an...
High
Unreviewed
CVE-2018-12454
was published
May 14, 2022
The endCoinFlip function and throwSlammer function of the smart contract implementations for...
High
Unreviewed
CVE-2018-14715
was published
May 14, 2022
A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a...
High
Unreviewed
CVE-2018-17877
was published
May 14, 2022
A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a...
High
Unreviewed
CVE-2018-17968
was published
May 14, 2022
The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum...
High
Unreviewed
CVE-2018-17071
was published
May 14, 2022
The random() function of the smart contract implementation for CryptoSaga, an Ethereum game,...
High
Unreviewed
CVE-2018-12975
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API