GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
23 advisories
Filter by severity
QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through...
Critical
Unreviewed
CVE-2024-36048
was published
May 18, 2024
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea...
High
Unreviewed
CVE-2024-1579
was published
Apr 29, 2024
An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the...
Unknown
Unreviewed
CVE-2024-27632
was published
Apr 9, 2024
Objectplanet Opinio version 7.22 and prior uses a cryptographically weak pseudo-random number...
Critical
Unreviewed
CVE-2023-4472
was published
Feb 2, 2024
Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric...
Critical
Unreviewed
CVE-2022-40267
was published
Jan 20, 2023
An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could...
High
Unreviewed
CVE-2021-31922
was published
May 24, 2022
A predictable seed vulnerability exists in the password reset functionality of Epignosis...
High
Unreviewed
CVE-2020-28597
was published
May 24, 2022
An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in...
Critical
Unreviewed
CVE-2020-10256
was published
May 24, 2022
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the...
High
Unreviewed
CVE-2020-11616
was published
May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator.
High
Unreviewed
CVE-2020-13784
was published
May 24, 2022
Couchbase Server 5.1.1 generates insufficiently random numbers. The product hosts many network...
Critical
Unreviewed
CVE-2019-11495
was published
May 24, 2022
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random...
Moderate
Unreviewed
CVE-2018-12384
was published
May 24, 2022
An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of...
High
Unreviewed
CVE-2018-12520
was published
May 13, 2022
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows...
High
Unreviewed
CVE-2017-5214
was published
May 13, 2022
passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin...
Critical
Unreviewed
CVE-2017-11519
was published
May 13, 2022
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG...
Critical
Unreviewed
CVE-2018-1426
was published
May 13, 2022
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time...
High
Unreviewed
CVE-2016-10180
was published
May 13, 2022
In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang...
Critical
Unreviewed
CVE-2019-10908
was published
May 13, 2022
lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.
Critical
Unreviewed
CVE-2012-1577
was published
Apr 23, 2022
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number...
Critical
Unreviewed
CVE-2022-26852
was published
Apr 9, 2022
Piwigo is image gallery software written in PHP. When a criteria is not met on a host, piwigo...
High
Unreviewed
CVE-2016-3735
was published
Jan 29, 2022
Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to...
High
Unreviewed
CVE-2021-34600
was published
Jan 21, 2022
A flaw in the previous versions of the product may allow an authenticated attacker the ability to...
High
Unreviewed
CVE-2021-42810
was published
Jan 20, 2022
ProTip!
Advisories are also available from the
GraphQL API