Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,726
Maven
5,000+
npm
4,331
NuGet
763
pip
4,107
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token... High Unreviewed
CVE-2022-33738 was published Jul 7, 2022
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to... High Unreviewed
CVE-2022-20817 was published Jun 16, 2022
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the... High Unreviewed
CVE-2021-22948 was published May 24, 2022
In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used. High Unreviewed
CVE-2021-37553 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator. High Unreviewed
CVE-2020-13784 was published May 24, 2022
Use of Insufficiently Random Values in Apereo CAS High
CVE-2019-10754 was published for org.apereo.cas:cas-server-core-services-api (Maven) May 24, 2022
Magento 2 Community Edition Weak PRNG High
CVE-2019-7860 was published for magento/community-edition (Composer) May 24, 2022
Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver <... High Unreviewed
CVE-2019-5440 was published May 24, 2022
matrix-sydent and matrix-synapse Use Cryptographically Weak PRNG High
CVE-2019-11842 was published for matrix-sydent (pip) May 24, 2022
westonsteimel
Credited to westonsteimel
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time... High Unreviewed
CVE-2014-2362 was published May 17, 2022
An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs... High Unreviewed
CVE-2017-17845 was published May 14, 2022
** DISPUTED ** The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology... High Unreviewed
CVE-2017-9230 was published May 14, 2022
The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an... High Unreviewed
CVE-2018-12454 was published May 14, 2022
The endCoinFlip function and throwSlammer function of the smart contract implementations for... High Unreviewed
CVE-2018-14715 was published May 14, 2022
A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a... High Unreviewed
CVE-2018-17877 was published May 14, 2022
A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a... High Unreviewed
CVE-2018-17968 was published May 14, 2022
The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum... High Unreviewed
CVE-2018-17071 was published May 14, 2022
The random() function of the smart contract implementation for CryptoSaga, an Ethereum game,... High Unreviewed
CVE-2018-12975 was published May 14, 2022
The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling... High Unreviewed
CVE-2018-12056 was published May 14, 2022
The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum... High Unreviewed
CVE-2018-15552 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed
CVE-2018-5837 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed
CVE-2018-11291 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... High Unreviewed
CVE-2018-11290 was published May 13, 2022
Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3... High Unreviewed
CVE-2017-8081 was published May 13, 2022
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not... High Unreviewed
CVE-2017-5493 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database