GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,017
Maven
5,000+
npm
3,722
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
55 advisories
Filter by severity
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic...
High
Unreviewed
CVE-2022-33756
was published
Jun 17, 2022
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,
...
High
Unreviewed
CVE-2020-29505
was published
Jul 12, 2022
An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1 and below for device not...
Low
Unreviewed
CVE-2019-15703
was published
May 24, 2022
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library...
Moderate
Unreviewed
CVE-2019-10064
was published
May 24, 2022
The authentication implementation on the xArm controller has very low entropy, making it...
High
Unreviewed
CVE-2020-10285
was published
May 24, 2022
A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit...
Moderate
Unreviewed
CVE-2021-3505
was published
May 24, 2022
Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce.
Critical
Unreviewed
CVE-2021-33027
was published
May 24, 2022
A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all...
Critical
Unreviewed
CVE-2021-22727
was published
May 24, 2022
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the...
High
Unreviewed
CVE-2020-25926
was published
May 24, 2022
dproxy-nexgen (aka dproxy nexgen) uses a static UDP source port (selected randomly only at boot...
Moderate
Unreviewed
CVE-2022-33989
was published
Aug 16, 2022
An insufficient entropy vulnerability caused by the improper use of randomness sources with low...
Moderate
Unreviewed
CVE-2022-34746
was published
Sep 21, 2022
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2)...
Moderate
Unreviewed
CVE-2008-1447
was published
May 3, 2022
websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation...
Critical
Unreviewed
CVE-2021-41615
was published
Aug 9, 2022
A Predictable Value Range from Previous Values issue was discovered in Schneider Electric Modicon...
Moderate
Unreviewed
CVE-2017-6030
was published
May 13, 2022
The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape...
High
Unreviewed
CVE-2014-8422
was published
May 13, 2022
A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to...
Moderate
Unreviewed
CVE-2021-42138
was published
Dec 21, 2021
Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK...
Moderate
Unreviewed
CVE-2019-9555
was published
May 13, 2022
Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying...
Moderate
Unreviewed
CVE-2016-2564
was published
May 13, 2022
ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with...
High
Unreviewed
CVE-2017-0897
was published
May 13, 2022
An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The...
High
Unreviewed
CVE-2017-13992
was published
May 13, 2022
A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide...
Moderate
Unreviewed
CVE-2018-8435
was published
May 13, 2022
SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a low-entropy session token...
High
Unreviewed
CVE-2018-10240
was published
May 14, 2022
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local...
Moderate
Unreviewed
CVE-2017-2626
was published
May 14, 2022
Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it...
High
Unreviewed
CVE-2014-0691
was published
May 17, 2022
A CWE-331: Insufficient Entropy vulnerability exists that could cause unintended connection from...
Low
Unreviewed
CVE-2021-22799
was published
Jan 29, 2022
ProTip!
Advisories are also available from the
GraphQL API