Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

92 advisories

Loading
Passeo uses insecure random number generator High
CVE-2022-23472 was published for Passeo (pip) Dec 6, 2022
Bluenix2 ArjunSharda
The goTenna Pro series does not use SecureRandom when generating its cryptographic keys. The... High Unreviewed
CVE-2024-47126 was published Sep 26, 2024
matrix-sydent and matrix-synapse Use Cryptographically Weak PRNG High
CVE-2019-11842 was published for matrix-sydent (pip) May 24, 2022
westonsteimel
The goTenna Pro ATAK Plugin does not use SecureRandom when generating its cryptographic keys.... High Unreviewed
CVE-2024-45723 was published Sep 26, 2024
go.uuid has Predictable UUID Identifiers Critical
CVE-2021-3538 was published for github.com/satori/go.uuid (Go) Feb 7, 2023
Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to... High Unreviewed
CVE-2021-34600 was published Jan 21, 2022
Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation Critical
CVE-2024-29868 was published for org.apache.streampipes:streampipes-resource-management (Maven) Jun 24, 2024
oscerd
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time... High Unreviewed
CVE-2016-10180 was published May 13, 2022
Mateso PasswordSafe through 8.13.9.26689 has Weak Cryptography. High Unreviewed
CVE-2024-34538 was published May 6, 2024
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed ... High Unreviewed
CVE-2024-25389 was published Mar 27, 2024
stormpath/sdk uses Insecure Random Number Generator Moderate
GHSA-q8fc-v85f-78pw was published for stormpath/sdk (Composer) May 29, 2024
Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative... Moderate Unreviewed
CVE-2024-5264 was published May 23, 2024
An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate... High Unreviewed
CVE-2023-27791 was published Oct 19, 2023
The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using... High Unreviewed
CVE-2022-26943 was published Oct 19, 2023
The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6... High Unreviewed
CVE-2023-39910 was published Aug 9, 2023
The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in... Critical Unreviewed
CVE-2023-36993 was published Jul 7, 2023
A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and... Low Unreviewed
CVE-2022-48506 was published Jun 19, 2023
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle.... Moderate Unreviewed
CVE-2023-34363 was published Jun 9, 2023
Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator. High Unreviewed
CVE-2023-32549 was published Jun 6, 2023
Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183,... Moderate Unreviewed
CVE-2023-31290 was published Apr 27, 2023
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator. High Unreviewed
CVE-2020-13784 was published May 24, 2022
Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver <... High Unreviewed
CVE-2019-5440 was published May 24, 2022
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to... Moderate Unreviewed
CVE-2012-6124 was published Apr 23, 2022
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This ... Moderate Unreviewed
CVE-2023-45236 was published Jan 16, 2024
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This ... Moderate Unreviewed
CVE-2023-45237 was published Jan 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database