GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
247 advisories
Filter by severity
Lemur subject to insecure random generation
High
CVE-2023-30797
was published
for
lemur
(pip)
Mar 1, 2023
Duplicate Advisory: Lemur subject to insecure random generation
High
GHSA-r4xg-4wrv-w72h
was published
for
lemur
(pip)
Apr 19, 2023
•
withdrawn
TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure...
Moderate
Unreviewed
CVE-2024-22473
was published
Feb 21, 2024
An issue was discovered in AdaCore ada_web_services 20.0 allows an attacker to escalate...
High
Unreviewed
CVE-2024-41708
was published
Sep 25, 2024
Matrix Synapse Predictable Secret Key
High
CVE-2019-5885
was published
for
matrix-synapse
(pip)
May 13, 2022
Insufficiently random values in Ansible
Moderate
CVE-2020-10729
was published
for
ansible
(pip)
Jun 15, 2021
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper...
Critical
Unreviewed
CVE-2023-4344
was published
Aug 15, 2023
Ansible uses a socket with predictable filename in /tmp
Low
CVE-2013-4259
was published
for
Ansible
(pip)
May 14, 2022
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow...
Moderate
Unreviewed
CVE-2024-42164
was published
Aug 12, 2024
Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection...
Moderate
Unreviewed
CVE-2024-6348
was published
Aug 19, 2024
A vulnerability, which was classified as problematic, was found in projectsend up to r1605....
Moderate
Unreviewed
CVE-2024-7659
was published
Aug 12, 2024
Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow...
Moderate
Unreviewed
CVE-2024-42165
was published
Aug 12, 2024
Insecure random string generator used for sensitive data
Moderate
CVE-2023-46740
was published
for
github.com/cubefs/cubefs
(Go)
Jan 3, 2024
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in...
High
Unreviewed
CVE-2024-21460
was published
Jul 1, 2024
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th...
High
Unreviewed
CVE-2024-25943
was published
Jun 29, 2024
A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All...
High
Unreviewed
CVE-2024-35292
was published
Jun 11, 2024
ZendFramework Potential Information Disclosure and Insufficient Entropy vulnerabilities
High
GHSA-xg9w-r469-m455
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up...
Moderate
Unreviewed
CVE-2024-5149
was published
Jun 5, 2024
MileSight DeviceHub -
CWE-330 Use of Insufficiently Random Values may allow Authentication...
Critical
Unreviewed
CVE-2024-36389
was published
Jun 2, 2024
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon...
High
Unreviewed
CVE-2020-1472
was published
May 24, 2022
pyftpdlib Use of Insufficiently Random Values of port selection on PASV command
Moderate
CVE-2007-6738
was published
for
pyftpdlib
(pip)
May 1, 2022
Froxlor guessable password reset token
Critical
CVE-2016-5100
was published
for
froxlor/froxlor
(Composer)
May 17, 2022
Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S,...
Moderate
Unreviewed
CVE-2022-26080
was published
Jul 6, 2023
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE...
Critical
Unreviewed
CVE-2022-46353
was published
Dec 13, 2022
In Contiki 4.5, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27634
was published
Oct 10, 2023
ProTip!
Advisories are also available from the
GraphQL API