Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

133 advisories

Loading
An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate... High Unreviewed
CVE-2023-27791 was published Oct 19, 2023
The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using... High Unreviewed
CVE-2022-26943 was published Oct 19, 2023
The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6... High Unreviewed
CVE-2023-39910 was published Aug 9, 2023
The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in... Critical Unreviewed
CVE-2023-36993 was published Jul 7, 2023
A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and... Low Unreviewed
CVE-2022-48506 was published Jun 19, 2023
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle.... Moderate Unreviewed
CVE-2023-34363 was published Jun 9, 2023
Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator. High Unreviewed
CVE-2023-32549 was published Jun 6, 2023
Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183,... Moderate Unreviewed
CVE-2023-31290 was published Apr 27, 2023
Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm... High Unreviewed
CVE-2023-28395 was published Mar 28, 2023
go.uuid has Predictable UUID Identifiers Critical
CVE-2021-3538 was published for github.com/satori/go.uuid (Go) Feb 7, 2023
An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A... Critical Unreviewed
CVE-2022-45782 was published Feb 2, 2023
Passeo uses insecure random number generator High
CVE-2022-23472 was published for Passeo (pip) Dec 6, 2022
Bluenix2 ArjunSharda
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with... Critical Unreviewed
CVE-2022-35255 was published Dec 6, 2022
An issue was discovered in Object First 1.0.7.712. The authorization service has a flow that... Critical Unreviewed
CVE-2022-44796 was published Nov 7, 2022
D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random... Moderate Unreviewed
CVE-2022-42159 was published Oct 14, 2022
SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number... Moderate Unreviewed
CVE-2022-41210 was published Oct 12, 2022
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can... High Unreviewed
CVE-2022-40769 was published Sep 19, 2022
Cryptographically weak PRNG in `utils.generateUUID` Critical
CVE-2022-36045 was published for nodebb (npm) Aug 30, 2022
HakuPiku
OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token... High Unreviewed
CVE-2022-33738 was published Jul 7, 2022
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to... High Unreviewed
CVE-2022-20817 was published Jun 16, 2022
Weak private key generation in SSH.NET Moderate
CVE-2022-29245 was published for SSH.NET (NuGet) Jun 1, 2022
yaumn-synacktiv
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the... High Unreviewed
CVE-2021-22948 was published May 24, 2022
A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to... Low Unreviewed
CVE-2021-3047 was published May 24, 2022
In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used. High Unreviewed
CVE-2021-37553 was published May 24, 2022
Use of cryptographically weak pseudo-random number generator (PRNG) in an API for the Intel(R)... Moderate Unreviewed
CVE-2021-0131 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database