GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,413

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

40 advisories

Filter by severity

Sort by

Least recently updated

In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. High Unreviewed

CVE-2021-45489 was published Dec 26, 2021

Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to... High Unreviewed

CVE-2021-34600 was published Jan 21, 2022

Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a... High Unreviewed

CVE-2013-20003 was published Feb 10, 2022

The use of a cryptographically weak pseudo-random number generator in the password reset feature... High Unreviewed

CVE-2021-36171 was published Mar 2, 2022

The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the... High Unreviewed

CVE-2022-0828 was published Apr 12, 2022

OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random... High Unreviewed

CVE-2008-0166 was published May 1, 2022

cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows... High Unreviewed

CVE-2009-2367 was published May 2, 2022

An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time... High Unreviewed

CVE-2016-10180 was published May 13, 2022

wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not... High Unreviewed

CVE-2017-5493 was published May 13, 2022

Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3... High Unreviewed

CVE-2017-8081 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... High Unreviewed

CVE-2018-11290 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed

CVE-2018-11291 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed

CVE-2018-5837 was published May 13, 2022

The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum... High Unreviewed

CVE-2018-15552 was published May 13, 2022

The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling... High Unreviewed

CVE-2018-12056 was published May 14, 2022

The random() function of the smart contract implementation for CryptoSaga, an Ethereum game,... High Unreviewed

CVE-2018-12975 was published May 14, 2022

The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum... High Unreviewed

CVE-2018-17071 was published May 14, 2022

A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a... High Unreviewed

CVE-2018-17877 was published May 14, 2022

A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a... High Unreviewed

CVE-2018-17968 was published May 14, 2022

The endCoinFlip function and throwSlammer function of the smart contract implementations for... High Unreviewed

CVE-2018-14715 was published May 14, 2022

The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an... High Unreviewed

CVE-2018-12454 was published May 14, 2022

** DISPUTED ** The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology... High Unreviewed

CVE-2017-9230 was published May 14, 2022

An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs... High Unreviewed

CVE-2017-17845 was published May 14, 2022

Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver <... High Unreviewed

CVE-2019-5440 was published May 24, 2022

D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator. High Unreviewed

CVE-2020-13784 was published May 24, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

40 advisories