GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,614
NuGet
638
pip
3,225
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
63 advisories
Filter by severity
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time...
High
Unreviewed
CVE-2016-10180
was published
May 13, 2022
Mateso PasswordSafe through 8.13.9.26689 has Weak Cryptography.
High
Unreviewed
CVE-2024-34538
was published
May 6, 2024
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed ...
High
Unreviewed
CVE-2024-25389
was published
Mar 27, 2024
Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative...
Moderate
Unreviewed
CVE-2024-5264
was published
May 23, 2024
An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate...
High
Unreviewed
CVE-2023-27791
was published
Oct 19, 2023
The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using...
High
Unreviewed
CVE-2022-26943
was published
Oct 19, 2023
The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6...
High
Unreviewed
CVE-2023-39910
was published
Aug 9, 2023
The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in...
Critical
Unreviewed
CVE-2023-36993
was published
Jul 7, 2023
A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and...
Low
Unreviewed
CVE-2022-48506
was published
Jun 19, 2023
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle....
Moderate
Unreviewed
CVE-2023-34363
was published
Jun 9, 2023
Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator.
High
Unreviewed
CVE-2023-32549
was published
Jun 6, 2023
Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183,...
Moderate
Unreviewed
CVE-2023-31290
was published
Apr 27, 2023
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator.
High
Unreviewed
CVE-2020-13784
was published
May 24, 2022
Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver <...
High
Unreviewed
CVE-2019-5440
was published
May 24, 2022
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to...
Moderate
Unreviewed
CVE-2012-6124
was published
Apr 23, 2022
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This
...
Moderate
Unreviewed
CVE-2023-45236
was published
Jan 16, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This
...
Moderate
Unreviewed
CVE-2023-45237
was published
Jan 16, 2024
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows...
High
Unreviewed
CVE-2009-2367
was published
May 2, 2022
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random...
High
Unreviewed
CVE-2008-0166
was published
May 1, 2022
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag...
High
Unreviewed
CVE-2024-23660
was published
Feb 8, 2024
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the...
Moderate
Unreviewed
CVE-2009-3278
was published
May 2, 2022
The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the...
High
Unreviewed
CVE-2022-0828
was published
Apr 12, 2022
Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to...
High
Unreviewed
CVE-2021-34600
was published
Jan 21, 2022
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the...
High
Unreviewed
CVE-2021-22948
was published
May 24, 2022
Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm...
High
Unreviewed
CVE-2023-28395
was published
Mar 28, 2023
ProTip!
Advisories are also available from the
GraphQL API