Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Loading
Apache Syncope uses a weak PNRG Moderate
CVE-2014-3503 was published for org.apache.syncope:syncope (Maven) May 14, 2022
The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game,... Moderate Unreviewed
CVE-2018-12885 was published May 14, 2022
A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a... High Unreviewed
CVE-2018-17968 was published May 14, 2022
A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a... High Unreviewed
CVE-2018-17877 was published May 14, 2022
The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum... High Unreviewed
CVE-2018-17071 was published May 14, 2022
The random() function of the smart contract implementation for CryptoSaga, an Ethereum game,... High Unreviewed
CVE-2018-12975 was published May 14, 2022
The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling... High Unreviewed
CVE-2018-12056 was published May 14, 2022
The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum... High Unreviewed
CVE-2018-15552 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... Moderate Unreviewed
CVE-2018-5871 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed
CVE-2018-5837 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed
CVE-2018-11291 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... High Unreviewed
CVE-2018-11290 was published May 13, 2022
Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3... High Unreviewed
CVE-2017-8081 was published May 13, 2022
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not... High Unreviewed
CVE-2017-5493 was published May 13, 2022
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time... High Unreviewed
CVE-2016-10180 was published May 13, 2022
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the... Moderate Unreviewed
CVE-2009-3278 was published May 2, 2022
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows... High Unreviewed
CVE-2009-2367 was published May 2, 2022
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random... High Unreviewed
CVE-2008-0166 was published May 1, 2022
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to... Moderate Unreviewed
CVE-2012-6124 was published Apr 23, 2022
PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart,... Critical Unreviewed
CVE-2011-4574 was published Apr 22, 2022
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys,... Moderate Unreviewed
CVE-2008-3280 was published Apr 21, 2022
The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the... High Unreviewed
CVE-2022-0828 was published Apr 12, 2022
The use of a cryptographically weak pseudo-random number generator in the password reset feature... High Unreviewed
CVE-2021-36171 was published Mar 2, 2022
Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a... High Unreviewed
CVE-2013-20003 was published Feb 10, 2022
Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to... High Unreviewed
CVE-2021-34600 was published Jan 21, 2022
ProTip! Advisories are also available from the GraphQL API