Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

54 advisories

Loading
Use of Insufficiently Random Values in penggle:kaptcha Critical
CVE-2018-18531 was published for com.github.penggle:kaptcha (Maven) Oct 23, 2018
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the... Critical Unreviewed
CVE-2022-27577 was published Apr 12, 2022
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state... Critical Unreviewed
CVE-2022-26851 was published Apr 9, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... Critical Unreviewed
CVE-2022-25752 was published Apr 13, 2022
Prima Systems FlexAir devices allow unauthenticated download of the database configuration backup... Critical Unreviewed
CVE-2019-7667 was published May 24, 2022
Multiple W&T products of the Comserver Series use a small number space for allocating sessions... Critical Unreviewed
CVE-2022-42787 was published Nov 10, 2022
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the... Critical Unreviewed
CVE-2021-20322 was published Feb 19, 2022
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT ... Critical Unreviewed
CVE-2022-26647 was published Jul 13, 2022
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, ... Critical Unreviewed
CVE-2020-35163 was published Jul 12, 2022
otp-generator before v3.0.0 insecurely generates random one-time passwords Critical
CVE-2021-23451 was published for otp-generator (npm) Jul 26, 2022
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that... Critical Unreviewed
CVE-2020-25705 was published May 24, 2022
An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict... Critical Unreviewed
CVE-2022-30935 was published Sep 29, 2022
A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and... Critical Unreviewed
CVE-2020-7548 was published May 24, 2022
Cryptographically weak PRNG in `utils.generateUUID` Critical
CVE-2022-36045 was published for nodebb (npm) Aug 30, 2022
HakuPiku
An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers ... Critical Unreviewed
CVE-2020-35685 was published May 24, 2022
DNS NuGet package uses insufficiently random values Critical
CVE-2021-4248 was published for DNS (NuGet) Dec 18, 2022
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are... Critical Unreviewed
CVE-2021-34646 was published May 24, 2022
A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs... Critical Unreviewed
CVE-2017-6026 was published May 13, 2022
Predictable password in Keycloak Critical
CVE-2020-1731 was published for org.keycloak:keycloak-core (Maven) Apr 15, 2020
Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm... Critical Unreviewed
CVE-2019-9863 was published May 13, 2022
An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric... Critical Unreviewed
CVE-2019-0729 was published May 13, 2022
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71. Critical Unreviewed
CVE-2019-9898 was published May 13, 2022
The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary... Critical Unreviewed
CVE-2018-18602 was published May 13, 2022
The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well... Critical Unreviewed
CVE-2019-0007 was published May 13, 2022
NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that... Critical Unreviewed
CVE-2018-17888 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database