Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could... High Unreviewed
CVE-2021-31922 was published May 24, 2022
Piwigo is image gallery software written in PHP. When a criteria is not met on a host, piwigo... High Unreviewed
CVE-2016-3735 was published Jan 29, 2022
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the... High Unreviewed
CVE-2020-11616 was published May 24, 2022
A predictable seed vulnerability exists in the password reset functionality of Epignosis... High Unreviewed
CVE-2020-28597 was published May 24, 2022
Fastly Compute@Edge JS Runtime has fixed random number seed during compilation High
CVE-2022-39218 was published for @fastly/js-compute (npm) Sep 20, 2022
JakeChampion
Insecure random number generation in keypair High
CVE-2021-41117 was published for keypair (npm) Oct 11, 2021
vcsjones
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows... High Unreviewed
CVE-2017-5214 was published May 13, 2022
An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of... High Unreviewed
CVE-2018-12520 was published May 13, 2022
A flaw in the previous versions of the product may allow an authenticated attacker the ability to... High Unreviewed
CVE-2021-42810 was published Jan 20, 2022
Insecure PRNG use in random_password_generator High
CVE-2019-25061 was published for random_password_generator (RubyGems) May 19, 2022
Cryptographic Issues in ECK High
CVE-2020-7010 was published for github.com/elastic/cloud-on-k8s (Go) Feb 15, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator. High Unreviewed
CVE-2020-13784 was published May 24, 2022
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea... High Unreviewed
CVE-2024-1579 was published Apr 29, 2024
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time... High Unreviewed
CVE-2016-10180 was published May 13, 2022
Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to... High Unreviewed
CVE-2021-34600 was published Jan 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database