GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
248 advisories

A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen...
Critical | Unreviewed | CVE-2017-7902 was published May 13, 2022

Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology...
Moderate | Unreviewed | CVE-2018-13280 was published May 13, 2022

NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that...
Critical | Unreviewed | CVE-2018-17888 was published May 13, 2022

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared...
Moderate | Unreviewed | CVE-2018-1279 was published May 13, 2022

The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well...
Critical | Unreviewed | CVE-2019-0007 was published May 13, 2022

The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary...
Critical | Unreviewed | CVE-2018-18602 was published May 13, 2022

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)...
Moderate | Unreviewed | CVE-2017-13080 was published May 13, 2022

kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's...
Moderate | Unreviewed | CVE-2018-1108 was published May 13, 2022

Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.
Critical | Unreviewed | CVE-2019-9898 was published May 13, 2022

Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm...
Critical | Unreviewed | CVE-2019-9863 was published May 13, 2022

Due to unencrypted signal communication and predictability of rolling codes, an attacker can ...
High | Unreviewed | CVE-2019-9860 was published May 13, 2022

The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the...
High | Unreviewed | CVE-2019-8919 was published May 13, 2022

Matrix Synapse Predictable Secret Key
High | CVE-2019-5885 was published for matrix-synapse (pip) May 13, 2022

An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric...
Critical | Unreviewed | CVE-2019-0729 was published May 13, 2022

Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x...
Moderate | Unreviewed | CVE-2015-3963 was published May 13, 2022

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote attackers to...
High | Unreviewed | CVE-2013-6925 was published May 13, 2022

A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs...
Critical | Unreviewed | CVE-2017-6026 was published May 13, 2022

SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value
Moderate | Unreviewed | CVE-2022-29930 was published May 13, 2022

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
High | Unreviewed | CVE-2022-26071 was published May 6, 2022

pyrad is vulnerable to the use of Insufficiently Random Values
High | CVE-2013-0294 was published for pyrad (pip) May 5, 2022

Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness
Critical | Unreviewed | CVE-2013-4102 was published May 5, 2022

A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed...
Moderate | Unreviewed | CVE-2021-41993 was published May 3, 2022

A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed...
Moderate | Unreviewed | CVE-2021-41994 was published May 3, 2022

account-recover.php in TorrentTrader Classic 1.09 chooses random passwords from an insufficiently...
High | Unreviewed | CVE-2009-2158 was published May 2, 2022

The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0...
Moderate | Unreviewed | CVE-2009-0255 was published May 2, 2022