GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
30 advisories
Filter by severity
stormpath/sdk uses Insecure Random Number Generator
Moderate
GHSA-q8fc-v85f-78pw
was published
for
stormpath/sdk
(Composer)
May 29, 2024
Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative...
Moderate
Unreviewed
CVE-2024-5264
was published
May 23, 2024
An issue ingalxe.com Galxe platform 1.0 allows a remote attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2023-50059
was published
Apr 30, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This
...
Moderate
Unreviewed
CVE-2023-45237
was published
Jan 16, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This
...
Moderate
Unreviewed
CVE-2023-45236
was published
Jan 16, 2024
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle....
Moderate
Unreviewed
CVE-2023-34363
was published
Jun 9, 2023
Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183,...
Moderate
Unreviewed
CVE-2023-31290
was published
Apr 27, 2023
D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random...
Moderate
Unreviewed
CVE-2022-42159
was published
Oct 14, 2022
SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number...
Moderate
Unreviewed
CVE-2022-41210
was published
Oct 12, 2022
Weak private key generation in SSH.NET
Moderate
CVE-2022-29245
was published
for
SSH.NET
(NuGet)
Jun 1, 2022
Use of cryptographically weak pseudo-random number generator (PRNG) in an API for the Intel(R)...
Moderate
Unreviewed
CVE-2021-0131
was published
May 24, 2022
BTCPay Server through 1.0.7.0 uses a weak method Next to produce pseudo-random values to generate...
Moderate
Unreviewed
CVE-2021-29245
was published
May 24, 2022
An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config...
Moderate
Unreviewed
CVE-2019-15075
was published
May 24, 2022
Magento 2 Community Weak PRNG
Moderate
CVE-2019-8113
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Cryptographic Flaw
Moderate
CVE-2019-7855
was published
for
magento/community-edition
(Composer)
May 24, 2022
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler...
Moderate
Unreviewed
CVE-2017-11671
was published
May 14, 2022
Apache Syncope uses a weak PNRG
Moderate
CVE-2014-3503
was published
for
org.apache.syncope:syncope
(Maven)
May 14, 2022
The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game,...
Moderate
Unreviewed
CVE-2018-12885
was published
May 14, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...
Moderate
Unreviewed
CVE-2018-5871
was published
May 13, 2022
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the...
Moderate
Unreviewed
CVE-2009-3278
was published
May 2, 2022
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to...
Moderate
Unreviewed
CVE-2012-6124
was published
Apr 23, 2022
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys,...
Moderate
Unreviewed
CVE-2008-3280
was published
Apr 21, 2022
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Moderate
CVE-2021-3990
was published
for
showdoc/showdoc
(Composer)
Dec 3, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in showdoc
Moderate
CVE-2021-3678
was published
for
showdoc/showdoc
(Composer)
Sep 2, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev
Moderate
CVE-2021-3692
was published
for
yiisoft/yii2-dev
(Composer)
Sep 1, 2021
ProTip!
Advisories are also available from the
GraphQL API