GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
67 advisories
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
High | Unreviewed | CVE-2021-45489 was published Dec 26, 2021

Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to...
High | Unreviewed | CVE-2021-34600 was published Jan 21, 2022

Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a...
High | Unreviewed | CVE-2013-20003 was published Feb 10, 2022

The use of a cryptographically weak pseudo-random number generator in the password reset feature...
High | Unreviewed | CVE-2021-36171 was published Mar 2, 2022

The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the...
High | Unreviewed | CVE-2022-0828 was published Apr 12, 2022

It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys,...
Moderate | Unreviewed | CVE-2008-3280 was published Apr 21, 2022

PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart,...
Critical | Unreviewed | CVE-2011-4574 was published Apr 22, 2022

A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to...
Moderate | Unreviewed | CVE-2012-6124 was published Apr 23, 2022

OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random...
High | Unreviewed | CVE-2008-0166 was published May 1, 2022

cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows...
High | Unreviewed | CVE-2009-2367 was published May 2, 2022

The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the...
Moderate | Unreviewed | CVE-2009-3278 was published May 2, 2022

An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time...
High | Unreviewed | CVE-2016-10180 was published May 13, 2022

wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not...
High | Unreviewed | CVE-2017-5493 was published May 13, 2022

Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3...
High | Unreviewed | CVE-2017-8081 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...
High | Unreviewed | CVE-2018-11290 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,...
High | Unreviewed | CVE-2018-11291 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,...
High | Unreviewed | CVE-2018-5837 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...
Moderate | Unreviewed | CVE-2018-5871 was published May 13, 2022

The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum...
High | Unreviewed | CVE-2018-15552 was published May 13, 2022

The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling...
High | Unreviewed | CVE-2018-12056 was published May 14, 2022

The random() function of the smart contract implementation for CryptoSaga, an Ethereum game,...
High | Unreviewed | CVE-2018-12975 was published May 14, 2022

The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum...
High | Unreviewed | CVE-2018-17071 was published May 14, 2022

A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a...
High | Unreviewed | CVE-2018-17877 was published May 14, 2022

A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a...
High | Unreviewed | CVE-2018-17968 was published May 14, 2022

The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game,...
Moderate | Unreviewed | CVE-2018-12885 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.