Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

95 advisories

Loading
Use of Cryptographically Weak Pseudo-Random Number Generator in showdoc Moderate
CVE-2021-3678 was published for showdoc/showdoc (Composer) Sep 2, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in Rclone High
CVE-2020-28924 was published for github.com/rclone/rclone (Go) Jun 10, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev Moderate
CVE-2021-3692 was published for yiisoft/yii2-dev (Composer) Sep 1, 2021
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Moderate
CVE-2021-3990 was published for showdoc/showdoc (Composer) Dec 3, 2021
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not... High Unreviewed
CVE-2017-5493 was published May 13, 2022
Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3... High Unreviewed
CVE-2017-8081 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed
CVE-2018-11291 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... High Unreviewed
CVE-2018-11290 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... Moderate Unreviewed
CVE-2018-5871 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed
CVE-2018-5837 was published May 13, 2022
The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum... High Unreviewed
CVE-2018-15552 was published May 13, 2022
The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling... High Unreviewed
CVE-2018-12056 was published May 14, 2022
The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum... High Unreviewed
CVE-2018-17071 was published May 14, 2022
The random() function of the smart contract implementation for CryptoSaga, an Ethereum game,... High Unreviewed
CVE-2018-12975 was published May 14, 2022
A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a... High Unreviewed
CVE-2018-17968 was published May 14, 2022
A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a... High Unreviewed
CVE-2018-17877 was published May 14, 2022
The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game,... Moderate Unreviewed
CVE-2018-12885 was published May 14, 2022
The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an... High Unreviewed
CVE-2018-12454 was published May 14, 2022
The endCoinFlip function and throwSlammer function of the smart contract implementations for... High Unreviewed
CVE-2018-14715 was published May 14, 2022
** DISPUTED ** The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology... High Unreviewed
CVE-2017-9230 was published May 14, 2022
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler... Moderate Unreviewed
CVE-2017-11671 was published May 14, 2022
An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs... High Unreviewed
CVE-2017-17845 was published May 14, 2022
It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates... Critical Unreviewed
CVE-2017-18021 was published May 14, 2022
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. High Unreviewed
CVE-2021-45489 was published Dec 26, 2021
Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a... High Unreviewed
CVE-2013-20003 was published Feb 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database