GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
33 advisories
Filter by severity
Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the...
Moderate
Unreviewed
CVE-2024-53702
was published
Dec 5, 2024
tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand...
Moderate
Unreviewed
CVE-2024-45751
was published
Sep 6, 2024
stormpath/sdk uses Insecure Random Number Generator
Moderate
GHSA-q8fc-v85f-78pw
was published
for
stormpath/sdk
(Composer)
May 29, 2024
Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative...
Moderate
Unreviewed
CVE-2024-5264
was published
May 23, 2024
An HTTP digest authentication nonce value was generated using `rand()` which could lead to...
Moderate
Unreviewed
CVE-2024-4772
was published
May 14, 2024
An issue ingalxe.com Galxe platform 1.0 allows a remote attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2023-50059
was published
Apr 30, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This
...
Moderate
Unreviewed
CVE-2023-45236
was published
Jan 16, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This
...
Moderate
Unreviewed
CVE-2023-45237
was published
Jan 16, 2024
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle....
Moderate
Unreviewed
CVE-2023-34363
was published
Jun 9, 2023
Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183,...
Moderate
Unreviewed
CVE-2023-31290
was published
Apr 27, 2023
D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random...
Moderate
Unreviewed
CVE-2022-42159
was published
Oct 14, 2022
SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number...
Moderate
Unreviewed
CVE-2022-41210
was published
Oct 12, 2022
Weak private key generation in SSH.NET
Moderate
CVE-2022-29245
was published
for
SSH.NET
(NuGet)
Jun 1, 2022
Use of cryptographically weak pseudo-random number generator (PRNG) in an API for the Intel(R)...
Moderate
Unreviewed
CVE-2021-0131
was published
May 24, 2022
BTCPay Server through 1.0.7.0 uses a weak method Next to produce pseudo-random values to generate...
Moderate
Unreviewed
CVE-2021-29245
was published
May 24, 2022
An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config...
Moderate
Unreviewed
CVE-2019-15075
was published
May 24, 2022
Magento 2 Community Weak PRNG
Moderate
CVE-2019-8113
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Cryptographic Flaw
Moderate
CVE-2019-7855
was published
for
magento/community-edition
(Composer)
May 24, 2022
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler...
Moderate
Unreviewed
CVE-2017-11671
was published
May 14, 2022
Apache Syncope uses a weak PNRG
Moderate
CVE-2014-3503
was published
for
org.apache.syncope:syncope
(Maven)
May 14, 2022
The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game,...
Moderate
Unreviewed
CVE-2018-12885
was published
May 14, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...
Moderate
Unreviewed
CVE-2018-5871
was published
May 13, 2022
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the...
Moderate
Unreviewed
CVE-2009-3278
was published
May 2, 2022
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to...
Moderate
Unreviewed
CVE-2012-6124
was published
Apr 23, 2022
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys,...
Moderate
Unreviewed
CVE-2008-3280
was published
Apr 21, 2022
ProTip!
Advisories are also available from the
GraphQL API