GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,408

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

67 advisories

Filter by severity

Sort by

Least recently updated

In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. High Unreviewed

CVE-2021-45489 was published Dec 26, 2021

Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to... High Unreviewed

CVE-2021-34600 was published Jan 21, 2022

Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a... High Unreviewed

CVE-2013-20003 was published Feb 10, 2022

The use of a cryptographically weak pseudo-random number generator in the password reset feature... High Unreviewed

CVE-2021-36171 was published Mar 2, 2022

The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the... High Unreviewed

CVE-2022-0828 was published Apr 12, 2022

It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys,... Moderate Unreviewed

CVE-2008-3280 was published Apr 21, 2022

PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart,... Critical Unreviewed

CVE-2011-4574 was published Apr 22, 2022

A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to... Moderate Unreviewed

CVE-2012-6124 was published Apr 23, 2022

OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random... High Unreviewed

CVE-2008-0166 was published May 1, 2022

cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows... High Unreviewed

CVE-2009-2367 was published May 2, 2022

The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the... Moderate Unreviewed

CVE-2009-3278 was published May 2, 2022

An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time... High Unreviewed

CVE-2016-10180 was published May 13, 2022

wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not... High Unreviewed

CVE-2017-5493 was published May 13, 2022

Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3... High Unreviewed

CVE-2017-8081 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... High Unreviewed

CVE-2018-11290 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed

CVE-2018-11291 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed

CVE-2018-5837 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... Moderate Unreviewed

CVE-2018-5871 was published May 13, 2022

The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum... High Unreviewed

CVE-2018-15552 was published May 13, 2022

The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling... High Unreviewed

CVE-2018-12056 was published May 14, 2022

The random() function of the smart contract implementation for CryptoSaga, an Ethereum game,... High Unreviewed

CVE-2018-12975 was published May 14, 2022

The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum... High Unreviewed

CVE-2018-17071 was published May 14, 2022

A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a... High Unreviewed

CVE-2018-17968 was published May 14, 2022

A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a... High Unreviewed

CVE-2018-17877 was published May 14, 2022

The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game,... Moderate Unreviewed

CVE-2018-12885 was published May 14, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

67 advisories