GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
97 advisories
Filter by severity
Withdrawn Advisory: go-mysql affected by go.uuid's Predictable UUID Identifiers
Critical
GHSA-rc7v-65v6-m2v3
was published
for
github.com/go-mysql-org/go-mysql
(Go)
Oct 28, 2024
•
withdrawn
The goTenna Pro series does not use SecureRandom when generating its cryptographic keys. The...
High
Unreviewed
CVE-2024-47126
was published
Sep 26, 2024
The goTenna Pro ATAK Plugin does not use SecureRandom when generating
its cryptographic keys....
High
Unreviewed
CVE-2024-45723
was published
Sep 26, 2024
tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand...
Moderate
Unreviewed
CVE-2024-45751
was published
Sep 6, 2024
Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware)...
Low
Unreviewed
CVE-2023-31305
was published
Aug 13, 2024
Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation
Critical
CVE-2024-29868
was published
for
org.apache.streampipes:streampipes-resource-management
(Maven)
Jun 24, 2024
stormpath/sdk uses Insecure Random Number Generator
Moderate
GHSA-q8fc-v85f-78pw
was published
for
stormpath/sdk
(Composer)
May 29, 2024
Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative...
Moderate
Unreviewed
CVE-2024-5264
was published
May 23, 2024
An HTTP digest authentication nonce value was generated using `rand()` which could lead to...
Moderate
Unreviewed
CVE-2024-4772
was published
May 14, 2024
Mateso PasswordSafe through 8.13.9.26689 has Weak Cryptography.
High
Unreviewed
CVE-2024-34538
was published
May 6, 2024
An issue ingalxe.com Galxe platform 1.0 allows a remote attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2023-50059
was published
Apr 30, 2024
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed ...
High
Unreviewed
CVE-2024-25389
was published
Mar 27, 2024
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag...
High
Unreviewed
CVE-2024-23660
was published
Feb 8, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This
...
Moderate
Unreviewed
CVE-2023-45236
was published
Jan 16, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This
...
Moderate
Unreviewed
CVE-2023-45237
was published
Jan 16, 2024
Ethyca Fides Cryptographically Weak Generation of One-Time Codes for Identity Verification
High
CVE-2023-48224
was published
for
ethyca-fides
(pip)
Nov 16, 2023
An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate...
High
Unreviewed
CVE-2023-27791
was published
Oct 19, 2023
The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using...
High
Unreviewed
CVE-2022-26943
was published
Oct 19, 2023
The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6...
High
Unreviewed
CVE-2023-39910
was published
Aug 9, 2023
The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in...
Critical
Unreviewed
CVE-2023-36993
was published
Jul 7, 2023
A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and...
Low
Unreviewed
CVE-2022-48506
was published
Jun 19, 2023
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle....
Moderate
Unreviewed
CVE-2023-34363
was published
Jun 9, 2023
Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator.
High
Unreviewed
CVE-2023-32549
was published
Jun 6, 2023
Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183,...
Moderate
Unreviewed
CVE-2023-31290
was published
Apr 27, 2023
Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm...
High
Unreviewed
CVE-2023-28395
was published
Mar 28, 2023
ProTip!
Advisories are also available from the
GraphQL API