GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
97 advisories
Filter by severity
Use of Cryptographically Weak Pseudo-Random Number Generator in showdoc
Moderate
CVE-2021-3678
was published
for
showdoc/showdoc
(Composer)
Sep 2, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in Rclone
High
CVE-2020-28924
was published
for
github.com/rclone/rclone
(Go)
Jun 10, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev
Moderate
CVE-2021-3692
was published
for
yiisoft/yii2-dev
(Composer)
Sep 1, 2021
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Moderate
CVE-2021-3990
was published
for
showdoc/showdoc
(Composer)
Dec 3, 2021
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not...
High
Unreviewed
CVE-2017-5493
was published
May 13, 2022
Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3...
High
Unreviewed
CVE-2017-8081
was published
May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,...
High
Unreviewed
CVE-2018-11291
was published
May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...
High
Unreviewed
CVE-2018-11290
was published
May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...
Moderate
Unreviewed
CVE-2018-5871
was published
May 13, 2022
The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum...
High
Unreviewed
CVE-2018-15552
was published
May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,...
High
Unreviewed
CVE-2018-5837
was published
May 13, 2022
The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling...
High
Unreviewed
CVE-2018-12056
was published
May 14, 2022
The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum...
High
Unreviewed
CVE-2018-17071
was published
May 14, 2022
The random() function of the smart contract implementation for CryptoSaga, an Ethereum game,...
High
Unreviewed
CVE-2018-12975
was published
May 14, 2022
A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a...
High
Unreviewed
CVE-2018-17968
was published
May 14, 2022
A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a...
High
Unreviewed
CVE-2018-17877
was published
May 14, 2022
The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game,...
Moderate
Unreviewed
CVE-2018-12885
was published
May 14, 2022
The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an...
High
Unreviewed
CVE-2018-12454
was published
May 14, 2022
The endCoinFlip function and throwSlammer function of the smart contract implementations for...
High
Unreviewed
CVE-2018-14715
was published
May 14, 2022
** DISPUTED ** The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology...
High
Unreviewed
CVE-2017-9230
was published
May 14, 2022
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler...
Moderate
Unreviewed
CVE-2017-11671
was published
May 14, 2022
An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs...
High
Unreviewed
CVE-2017-17845
was published
May 14, 2022
It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates...
Critical
Unreviewed
CVE-2017-18021
was published
May 14, 2022
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
High
Unreviewed
CVE-2021-45489
was published
Dec 26, 2021
Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a...
High
Unreviewed
CVE-2013-20003
was published
Feb 10, 2022
ProTip!
Advisories are also available from the
GraphQL API