GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
32 advisories
Filter by severity
tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand...
Moderate
Unreviewed
CVE-2024-45751
was published
Sep 6, 2024
An HTTP digest authentication nonce value was generated using `rand()` which could lead to...
Moderate
Unreviewed
CVE-2024-4772
was published
May 14, 2024
An issue ingalxe.com Galxe platform 1.0 allows a remote attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2023-50059
was published
Apr 30, 2024
stormpath/sdk uses Insecure Random Number Generator
Moderate
GHSA-q8fc-v85f-78pw
was published
for
stormpath/sdk
(Composer)
May 29, 2024
Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative...
Moderate
Unreviewed
CVE-2024-5264
was published
May 23, 2024
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle....
Moderate
Unreviewed
CVE-2023-34363
was published
Jun 9, 2023
Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183,...
Moderate
Unreviewed
CVE-2023-31290
was published
Apr 27, 2023
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to...
Moderate
Unreviewed
CVE-2012-6124
was published
Apr 23, 2022
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This
...
Moderate
Unreviewed
CVE-2023-45236
was published
Jan 16, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This
...
Moderate
Unreviewed
CVE-2023-45237
was published
Jan 16, 2024
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the...
Moderate
Unreviewed
CVE-2009-3278
was published
May 2, 2022
Magento 2 Community Cryptographic Flaw
Moderate
CVE-2019-7855
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Weak PRNG
Moderate
CVE-2019-8113
was published
for
magento/community-edition
(Composer)
May 24, 2022
Cryptographically Weak PRNG in randomatic
Moderate
CVE-2017-16028
was published
for
randomatic
(npm)
Oct 9, 2018
miekg/dns insecurely generates random numbers
Moderate
CVE-2019-19794
was published
for
github.com/miekg/dns
(Go)
May 18, 2021
Apache Syncope uses a weak PNRG
Moderate
CVE-2014-3503
was published
for
org.apache.syncope:syncope
(Maven)
May 14, 2022
Improper random number generation in nanorand
Moderate
CVE-2020-35926
was published
for
nanorand
(Rust)
Aug 25, 2021
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler...
Moderate
Unreviewed
CVE-2017-11671
was published
May 14, 2022
The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game,...
Moderate
Unreviewed
CVE-2018-12885
was published
May 14, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...
Moderate
Unreviewed
CVE-2018-5871
was published
May 13, 2022
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Moderate
CVE-2021-3990
was published
for
showdoc/showdoc
(Composer)
Dec 3, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev
Moderate
CVE-2021-3692
was published
for
yiisoft/yii2-dev
(Composer)
Sep 1, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in showdoc
Moderate
CVE-2021-3678
was published
for
showdoc/showdoc
(Composer)
Sep 2, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in org.pac4j:pac4j-saml
Moderate
CVE-2019-10755
was published
for
org.pac4j:pac4j-saml
(Maven)
Nov 6, 2019
D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random...
Moderate
Unreviewed
CVE-2022-42159
was published
Oct 14, 2022
ProTip!
Advisories are also available from the
GraphQL API