GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
98 advisories
Filter by severity
Cryptographically Weak PRNG in randomatic
Moderate
CVE-2017-16028
was published
for
randomatic
(npm)
Oct 9, 2018
Cryptographically Weak Pseudo-Random Number Generator (PRNG) in akka-actor
Critical
CVE-2018-16115
was published
for
com.typesafe.akka:akka-actor_2.11
(Maven)
Oct 22, 2018
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Pivotal CredHub Service Broker
High
CVE-2018-15795
was published
for
org.springframework.credhub:spring-credhub-core
(Maven)
Nov 29, 2018
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Ratpack
Low
CVE-2019-11808
was published
for
io.ratpack:ratpack-groovy
(Maven)
May 14, 2019
Cryptographically Weak PRNG in generate-password
Moderate
GHSA-6qqf-vvcr-7qrv
was published
for
generate-password
(npm)
May 23, 2019
Critical severity vulnerability that affects generator-jhipster
Critical
GHSA-mwp6-j9wf-968c
was published
for
generator-jhipster
(npm)
Sep 13, 2019
•
withdrawn
Use of Cryptographically Weak Pseudo-Random Number Generator in org.pac4j:pac4j-saml
Moderate
CVE-2019-10755
was published
for
org.pac4j:pac4j-saml
(Maven)
Nov 6, 2019
JHipster Kotlin using insecure source of randomness `RandomStringUtils` before v1.2.0
Critical
CVE-2019-16303
was published
for
generator-jhipster-kotlin
(npm)
Jun 26, 2020
miekg/dns insecurely generates random numbers
Moderate
CVE-2019-19794
was published
for
github.com/miekg/dns
(Go)
May 18, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in Rclone
High
CVE-2020-28924
was published
for
github.com/rclone/rclone
(Go)
Jun 10, 2021
Improper random number generation in nanorand
Moderate
CVE-2020-35926
was published
for
nanorand
(Rust)
Aug 25, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev
Moderate
CVE-2021-3692
was published
for
yiisoft/yii2-dev
(Composer)
Sep 1, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in showdoc
Moderate
CVE-2021-3678
was published
for
showdoc/showdoc
(Composer)
Sep 2, 2021
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Moderate
CVE-2021-3990
was published
for
showdoc/showdoc
(Composer)
Dec 3, 2021
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
High
Unreviewed
CVE-2021-45489
was published
Dec 26, 2021
Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to...
High
Unreviewed
CVE-2021-34600
was published
Jan 21, 2022
Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a...
High
Unreviewed
CVE-2013-20003
was published
Feb 10, 2022
The use of a cryptographically weak pseudo-random number generator in the password reset feature...
High
Unreviewed
CVE-2021-36171
was published
Mar 2, 2022
The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the...
High
Unreviewed
CVE-2022-0828
was published
Apr 12, 2022
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys,...
Moderate
Unreviewed
CVE-2008-3280
was published
Apr 21, 2022
PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart,...
Critical
Unreviewed
CVE-2011-4574
was published
Apr 22, 2022
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to...
Moderate
Unreviewed
CVE-2012-6124
was published
Apr 23, 2022
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random...
High
Unreviewed
CVE-2008-0166
was published
May 1, 2022
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows...
High
Unreviewed
CVE-2009-2367
was published
May 2, 2022
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the...
Moderate
Unreviewed
CVE-2009-3278
was published
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API