GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
15 advisories
Insecure random number generation in keypair
High | CVE-2021-41117 was published for keypair (npm) | Oct 11, 2021

A flaw in the previous versions of the product may allow an authenticated attacker the ability to...
High | Unreviewed | CVE-2021-42810 was published | Jan 20, 2022

Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to...
High | Unreviewed | CVE-2021-34600 was published | Jan 21, 2022

Piwigo is image gallery software written in PHP. When a criteria is not met on a host, piwigo...
High | Unreviewed | CVE-2016-3735 was published | Jan 29, 2022

Cryptographic Issues in ECK
High | CVE-2020-7010 was published for github.com/elastic/cloud-on-k8s (Go) | Feb 15, 2022

An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time...
High | Unreviewed | CVE-2016-10180 was published | May 13, 2022

The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows...
High | Unreviewed | CVE-2017-5214 was published | May 13, 2022

An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of...
High | Unreviewed | CVE-2018-12520 was published | May 13, 2022

Insecure PRNG use in random_password_generator
High | CVE-2019-25061 was published for random_password_generator (RubyGems) | May 19, 2022

D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator.
High | Unreviewed | CVE-2020-13784 was published | May 24, 2022

NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the...
High | Unreviewed | CVE-2020-11616 was published | May 24, 2022

A predictable seed vulnerability exists in the password reset functionality of Epignosis...
High | Unreviewed | CVE-2020-28597 was published | May 24, 2022

An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could...
High | Unreviewed | CVE-2021-31922 was published | May 24, 2022

Fastly Compute@Edge JS Runtime has fixed random number seed during compilation
High | CVE-2022-39218 was published for @fastly/js-compute (npm) | Sep 20, 2022

Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea...
High | Unreviewed | CVE-2024-1579 was published | Apr 29, 2024