GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
81 advisories
Filter by severity
Incorrect Calculation and Use of Insufficiently Random Values in Python
Moderate
Unreviewed
CVE-2020-14422
was published
May 11, 2021
CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource,...
Moderate
Unreviewed
CVE-2022-22700
was published
Mar 4, 2022
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23...
Moderate
Unreviewed
CVE-2022-26317
was published
Mar 9, 2022
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't...
Moderate
Unreviewed
CVE-2022-29035
was published
Apr 12, 2022
The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e...
Moderate
Unreviewed
CVE-2008-2020
was published
May 1, 2022
The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0...
Moderate
Unreviewed
CVE-2009-0255
was published
May 2, 2022
A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed...
Moderate
Unreviewed
CVE-2021-41993
was published
May 3, 2022
A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed...
Moderate
Unreviewed
CVE-2021-41994
was published
May 3, 2022
SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value
Moderate
Unreviewed
CVE-2022-29930
was published
May 13, 2022
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x...
Moderate
Unreviewed
CVE-2015-3963
was published
May 13, 2022
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's...
Moderate
Unreviewed
CVE-2018-1108
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)...
Moderate
Unreviewed
CVE-2017-13080
was published
May 13, 2022
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared...
Moderate
Unreviewed
CVE-2018-1279
was published
May 13, 2022
Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology...
Moderate
Unreviewed
CVE-2018-13280
was published
May 13, 2022
A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to...
Moderate
Unreviewed
CVE-2017-12361
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)...
Moderate
Unreviewed
CVE-2017-13078
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the...
Moderate
Unreviewed
CVE-2017-13079
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK)...
Moderate
Unreviewed
CVE-2017-13077
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the...
Moderate
Unreviewed
CVE-2017-13081
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group...
Moderate
Unreviewed
CVE-2017-13087
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup ...
Moderate
Unreviewed
CVE-2017-13086
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL)...
Moderate
Unreviewed
CVE-2017-13084
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity...
Moderate
Unreviewed
CVE-2017-13088
was published
May 13, 2022
On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single...
Moderate
Unreviewed
CVE-2017-17910
was published
May 13, 2022
An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares...
Moderate
Unreviewed
CVE-2018-19983
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API