Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

36 advisories

Loading
Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev Moderate
CVE-2021-3692 was published for yiisoft/yii2-dev (Composer) Sep 1, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in showdoc Moderate
CVE-2021-3678 was published for showdoc/showdoc (Composer) Sep 2, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in org.pac4j:pac4j-saml Moderate
CVE-2019-10755 was published for org.pac4j:pac4j-saml (Maven) Nov 6, 2019
D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random... Moderate Unreviewed
CVE-2022-42159 was published Oct 14, 2022
Use of cryptographically weak pseudo-random number generator (PRNG) in an API for the Intel(R)... Moderate Unreviewed
CVE-2021-0131 was published May 24, 2022
BTCPay Server through 1.0.7.0 uses a weak method Next to produce pseudo-random values to generate... Moderate Unreviewed
CVE-2021-29245 was published May 24, 2022
An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config... Moderate Unreviewed
CVE-2019-15075 was published May 24, 2022
SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number... Moderate Unreviewed
CVE-2022-41210 was published Oct 12, 2022
Weak private key generation in SSH.NET Moderate
CVE-2022-29245 was published for SSH.NET (NuGet) Jun 1, 2022
yaumn-synacktiv
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys,... Moderate Unreviewed
CVE-2008-3280 was published Apr 21, 2022
Cryptographically Weak PRNG in generate-password Moderate
GHSA-6qqf-vvcr-7qrv was published for generate-password (npm) May 23, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database