GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
248 advisories
Filter by severity
Use of Insufficiently Random Values in penggle:kaptcha
Critical
CVE-2018-18531
was published
for
com.github.penggle:kaptcha
(Maven)
Oct 23, 2018
Improper random number generation in github.com/coredns/coredns
Moderate
GHSA-gv9j-4w24-q7vx
was published
for
github.com/coredns/coredns
(Go)
Mar 1, 2022
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version...
High
Unreviewed
CVE-2023-22601
was published
Jan 13, 2023
Predictable CSRF tokens in centreon/centreon
Moderate
CVE-2021-28055
was published
for
centreon/centreon
(Composer)
Jun 8, 2021
Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web...
High
Unreviewed
CVE-2021-46010
was published
Apr 1, 2022
randomUUID in Scala.js before 1.10.0 generates predictable values.
High
Unreviewed
CVE-2022-28355
was published
Apr 3, 2022
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS...
High
Unreviewed
CVE-2022-22517
was published
Apr 8, 2022
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the...
Critical
Unreviewed
CVE-2022-27577
was published
Apr 12, 2022
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state...
Critical
Unreviewed
CVE-2022-26851
was published
Apr 9, 2022
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't...
Moderate
Unreviewed
CVE-2022-29035
was published
Apr 12, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,...
Critical
Unreviewed
CVE-2022-25752
was published
Apr 13, 2022
Prima Systems FlexAir devices allow unauthenticated download of the database configuration backup...
Critical
Unreviewed
CVE-2019-7667
was published
May 24, 2022
SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value
Moderate
Unreviewed
CVE-2022-29930
was published
May 13, 2022
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's...
Moderate
Unreviewed
CVE-2018-1108
was published
May 13, 2022
Multiple W&T products of the Comserver Series use a small number space for allocating sessions...
Critical
Unreviewed
CVE-2022-42787
was published
Nov 10, 2022
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the...
Critical
Unreviewed
CVE-2021-20322
was published
Feb 19, 2022
Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute...
Moderate
Unreviewed
CVE-2020-15023
was published
May 24, 2022
Weak private key generation in SSH.NET
Moderate
CVE-2022-29245
was published
for
SSH.NET
(NuGet)
Jun 1, 2022
ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values...
High
Unreviewed
CVE-2022-23138
was published
Jun 10, 2022
An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of...
Moderate
Unreviewed
CVE-2021-25444
was published
May 24, 2022
Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of...
High
Unreviewed
CVE-2022-32284
was published
Jul 5, 2022
A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen...
High
Unreviewed
CVE-2017-7901
was published
May 17, 2022
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker...
Moderate
Unreviewed
CVE-2022-33707
was published
Jul 13, 2022
totd before 1.5.3 does not properly randomize mesg IDs.
Moderate
Unreviewed
CVE-2022-34295
was published
Jun 24, 2022
ProTip!
Advisories are also available from the
GraphQL API