GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
247 advisories
An authentication bypass vulnerability exists in the OAS Engine authentication functionality of...
High · Unreviewed · CVE-2023-34353 was published Sep 5, 2023

In FNET 4.6.3, TCP ISNs are improperly random.
Critical · Unreviewed · CVE-2020-27633 was published Oct 10, 2023

In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.
Critical · Unreviewed · CVE-2020-27630 was published Oct 10, 2023

In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random.
Critical · Unreviewed · CVE-2020-27636 was published Oct 10, 2023

In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random.
Critical · Unreviewed · CVE-2020-27631 was published Oct 10, 2023

In PicoTCP 1.7.0, TCP ISNs are improperly random.
Critical · Unreviewed · CVE-2020-27635 was published Oct 10, 2023

An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers ...
High · Unreviewed · CVE-2020-27213 was published Oct 10, 2023

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass...
Critical · Unreviewed · CVE-2023-39979 was published Sep 2, 2023

Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R...
Moderate · Unreviewed · CVE-2023-24478 was published Aug 15, 2023

Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation...
Critical · Unreviewed · CVE-2023-3373 was published Aug 4, 2023

Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow...
Moderate · Unreviewed · CVE-2022-43485 was published Jul 6, 2023

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of...
High · Unreviewed · CVE-2023-1385 was published Jul 6, 2023

Use of insufficiently random values vulnerability in User Management Functionality in Synology...
High · Unreviewed · CVE-2023-2729 was published Jun 13, 2023

Atlas Copco Power Focus 6000 web server uses a small amount of session ID numbers. An attacker...
High · Unreviewed · CVE-2023-1898 was published Jun 12, 2023

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random...
Critical · Unreviewed · CVE-2023-2884 was published May 25, 2023

An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of...
Moderate · Unreviewed · CVE-2018-19441 was published May 24, 2022

The token generator in index.php in Centreon Web before 2.8.27 is predictable.
Moderate · Unreviewed · CVE-2019-17105 was published May 24, 2022

Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap...
Critical · Unreviewed · CVE-2019-2294 was published May 24, 2022

OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include...
Moderate · Unreviewed · CVE-2019-1549 was published May 24, 2022

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while...
Moderate · Unreviewed · CVE-2019-12821 was published May 24, 2022

The doAirdrop function of a smart contract implementation for Primeo (PEO), an Ethereum token,...
Moderate · Unreviewed · CVE-2018-18425 was published May 24, 2022

gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which...
Moderate · Unreviewed · CVE-2019-11690 was published May 24, 2022

Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including...
High · Unreviewed · CVE-2019-11641 was published May 24, 2022

generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp...
Critical · Unreviewed · CVE-2014-6311 was published May 17, 2022

Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness
Critical · Unreviewed · CVE-2013-4102 was published May 5, 2022