Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

63 advisories

Loading
Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative... Moderate Unreviewed
CVE-2024-5264 was published May 23, 2024
Mateso PasswordSafe through 8.13.9.26689 has Weak Cryptography. High Unreviewed
CVE-2024-34538 was published May 6, 2024
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed ... High Unreviewed
CVE-2024-25389 was published Mar 27, 2024
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag... High Unreviewed
CVE-2024-23660 was published Feb 8, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This ... Moderate Unreviewed
CVE-2023-45237 was published Jan 16, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This ... Moderate Unreviewed
CVE-2023-45236 was published Jan 16, 2024
An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate... High Unreviewed
CVE-2023-27791 was published Oct 19, 2023
The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using... High Unreviewed
CVE-2022-26943 was published Oct 19, 2023
The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6... High Unreviewed
CVE-2023-39910 was published Aug 9, 2023
The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in... Critical Unreviewed
CVE-2023-36993 was published Jul 7, 2023
A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and... Low Unreviewed
CVE-2022-48506 was published Jun 19, 2023
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle.... Moderate Unreviewed
CVE-2023-34363 was published Jun 9, 2023
Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator. High Unreviewed
CVE-2023-32549 was published Jun 6, 2023
Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183,... Moderate Unreviewed
CVE-2023-31290 was published Apr 27, 2023
Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm... High Unreviewed
CVE-2023-28395 was published Mar 28, 2023
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with... Critical Unreviewed
CVE-2022-35255 was published Dec 6, 2022
An issue was discovered in Object First 1.0.7.712. The authorization service has a flow that... Critical Unreviewed
CVE-2022-44796 was published Nov 7, 2022
D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random... Moderate Unreviewed
CVE-2022-42159 was published Oct 14, 2022
SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number... Moderate Unreviewed
CVE-2022-41210 was published Oct 12, 2022
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can... High Unreviewed
CVE-2022-40769 was published Sep 19, 2022
OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token... High Unreviewed
CVE-2022-33738 was published Jul 7, 2022
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to... High Unreviewed
CVE-2022-20817 was published Jun 16, 2022
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the... High Unreviewed
CVE-2021-22948 was published May 24, 2022
A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to... Low Unreviewed
CVE-2021-3047 was published May 24, 2022
In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used. High Unreviewed
CVE-2021-37553 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API