Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

28 advisories

Loading
Cryptographically Weak PRNG in generate-password Moderate
GHSA-6qqf-vvcr-7qrv was published for generate-password (npm) May 23, 2019
Critical severity vulnerability that affects generator-jhipster Critical
GHSA-mwp6-j9wf-968c was published for generator-jhipster (npm) Sep 13, 2019 withdrawn
JLLeitschuh
Cryptographically Weak Pseudo-Random Number Generator (PRNG) in akka-actor Critical
CVE-2018-16115 was published for com.typesafe.akka:akka-actor_2.11 (Maven) Oct 22, 2018
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Pivotal CredHub Service Broker High
CVE-2018-15795 was published for org.springframework.credhub:spring-credhub-core (Maven) Nov 29, 2018
JHipster Kotlin using insecure source of randomness `RandomStringUtils` before v1.2.0 Critical
CVE-2019-16303 was published for generator-jhipster-kotlin (npm) Jun 26, 2020
JLLeitschuh
Weak private key generation in SSH.NET Moderate
CVE-2022-29245 was published for SSH.NET (NuGet) Jun 1, 2022
yaumn-synacktiv
Cryptographically weak PRNG in `utils.generateUUID` Critical
CVE-2022-36045 was published for nodebb (npm) Aug 30, 2022
HakuPiku
Use of Insufficiently Random Values in Apereo CAS High
CVE-2019-10754 was published for org.apereo.cas:cas-server-core-services-api (Maven) May 24, 2022
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Ratpack Low
CVE-2019-11808 was published for io.ratpack:ratpack-groovy (Maven) May 14, 2019
Use of Cryptographically Weak Pseudo-Random Number Generator in org.pac4j:pac4j-saml Moderate
CVE-2019-10755 was published for org.pac4j:pac4j-saml (Maven) Nov 6, 2019
Use of Cryptographically Weak Pseudo-Random Number Generator in showdoc Moderate
CVE-2021-3678 was published for showdoc/showdoc (Composer) Sep 2, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in Rclone High
CVE-2020-28924 was published for github.com/rclone/rclone (Go) Jun 10, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev Moderate
CVE-2021-3692 was published for yiisoft/yii2-dev (Composer) Sep 1, 2021
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Moderate
CVE-2021-3990 was published for showdoc/showdoc (Composer) Dec 3, 2021
Improper random number generation in nanorand Moderate
CVE-2020-35926 was published for nanorand (Rust) Aug 25, 2021
Apache Syncope uses a weak PNRG Moderate
CVE-2014-3503 was published for org.apache.syncope:syncope (Maven) May 14, 2022
miekg/dns insecurely generates random numbers Moderate
CVE-2019-19794 was published for github.com/miekg/dns (Go) May 18, 2021
Cryptographically Weak PRNG in randomatic Moderate
CVE-2017-16028 was published for randomatic (npm) Oct 9, 2018
Ethyca Fides Cryptographically Weak Generation of One-Time Codes for Identity Verification High
CVE-2023-48224 was published for ethyca-fides (pip) Nov 16, 2023
RobertKeyser
Magento 2 Community Weak PRNG Moderate
CVE-2019-8113 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Weak PRNG High
CVE-2019-7860 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Cryptographic Flaw Moderate
CVE-2019-7855 was published for magento/community-edition (Composer) May 24, 2022
stormpath/sdk uses Insecure Random Number Generator Moderate
GHSA-q8fc-v85f-78pw was published for stormpath/sdk (Composer) May 29, 2024
Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation Critical
CVE-2024-29868 was published for org.apache.streampipes:streampipes-resource-management (Maven) Jun 24, 2024
oscerd
go.uuid has Predictable UUID Identifiers Critical
CVE-2021-3538 was published for github.com/satori/go.uuid (Go) Feb 7, 2023
ProTip! Advisories are also available from the GraphQL API