GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
81 advisories
Filter by severity
A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature...
Moderate
Unreviewed
CVE-2024-20331
was published
Oct 23, 2024
Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection...
Moderate
Unreviewed
CVE-2024-6348
was published
Aug 19, 2024
A vulnerability, which was classified as problematic, was found in projectsend up to r1605....
Moderate
Unreviewed
CVE-2024-7659
was published
Aug 12, 2024
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow...
Moderate
Unreviewed
CVE-2024-42164
was published
Aug 12, 2024
Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow...
Moderate
Unreviewed
CVE-2024-42165
was published
Aug 12, 2024
The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up...
Moderate
Unreviewed
CVE-2024-5149
was published
Jun 5, 2024
Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3,...
Moderate
Unreviewed
CVE-2024-28013
was published
Mar 28, 2024
TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure...
Moderate
Unreviewed
CVE-2024-22473
was published
Feb 21, 2024
Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session....
Moderate
Unreviewed
CVE-2024-23688
was published
Jan 20, 2024
In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This...
Moderate
Unreviewed
CVE-2023-32831
was published
Jan 2, 2024
Henschen & Associates court document management software does not sufficiently randomize file...
Moderate
Unreviewed
CVE-2023-6376
was published
Nov 30, 2023
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R...
Moderate
Unreviewed
CVE-2023-24478
was published
Aug 15, 2023
Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow...
Moderate
Unreviewed
CVE-2022-43485
was published
Jul 6, 2023
Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S,...
Moderate
Unreviewed
CVE-2022-26080
was published
Jul 6, 2023
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the...
Moderate
Unreviewed
CVE-2023-20016
was published
Feb 23, 2023
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39...
Moderate
Unreviewed
CVE-2023-22912
was published
Jan 20, 2023
A vulnerability, which was classified as problematic, has been found in fredsmith utils. This...
Moderate
Unreviewed
CVE-2021-4277
was published
Dec 25, 2022
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)...
Moderate
Unreviewed
CVE-2022-20941
was published
Nov 16, 2022
A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1....
Moderate
Unreviewed
CVE-2022-3959
was published
Nov 11, 2022
An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which...
Moderate
Unreviewed
CVE-2022-44795
was published
Nov 7, 2022
ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used...
Moderate
Unreviewed
CVE-2022-38970
was published
Sep 27, 2022
In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
Moderate
Unreviewed
CVE-2022-1615
was published
Sep 2, 2022
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker...
Moderate
Unreviewed
CVE-2022-33707
was published
Jul 13, 2022
The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.
Moderate
Unreviewed
CVE-2022-25047
was published
Jul 8, 2022
totd before 1.5.3 does not properly randomize mesg IDs.
Moderate
Unreviewed
CVE-2022-34295
was published
Jun 24, 2022
ProTip!
Advisories are also available from the
GraphQL API