Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,489
Erlang
33
GitHub Actions
24
Go
2,211
Maven
5,000+
npm
3,869
NuGet
696
pip
3,642
Pub
12
RubyGems
913
Rust
921
Swift
38
Unreviewed advisories
All unreviewed
5,000+

110 advisories

Loading
SunGrow iSolarCloud Android app V2.1.6.20241017 and prior uses an insecure AES key to encrypt... Moderate Unreviewed
CVE-2024-50684 was published Feb 26, 2025
Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields,... Moderate Unreviewed
CVE-2024-10604 was published Jan 30, 2025
Use of Insufficiently Random Values in undici Moderate
CVE-2025-22150 was published for undici (npm) Jan 21, 2025
mcollina parrot409
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then... Moderate Unreviewed
CVE-2025-0218 was published Jan 7, 2025
A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature... Moderate Unreviewed
CVE-2024-20331 was published Oct 23, 2024
Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection... Moderate Unreviewed
CVE-2024-6348 was published Aug 19, 2024
A vulnerability, which was classified as problematic, was found in projectsend up to r1605.... Moderate Unreviewed
CVE-2024-7659 was published Aug 12, 2024
Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow... Moderate Unreviewed
CVE-2024-42165 was published Aug 12, 2024
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow... Moderate Unreviewed
CVE-2024-42164 was published Aug 12, 2024
The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up... Moderate Unreviewed
CVE-2024-5149 was published Jun 5, 2024
The WP Reset – Most Advanced WordPress Reset Tool plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2023-6799 was published Apr 9, 2024
Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3,... Moderate Unreviewed
CVE-2024-28013 was published Mar 28, 2024
TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure... Moderate Unreviewed
CVE-2024-22473 was published Feb 21, 2024
Use of Insufficiently Random Values in github.com/greenpau/caddy-security Moderate
CVE-2024-21495 was published for github.com/greenpau/caddy-security (Go) Feb 17, 2024
Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session.... Moderate Unreviewed
CVE-2024-23688 was published Jan 20, 2024
In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This... Moderate Unreviewed
CVE-2023-32831 was published Jan 2, 2024
Henschen & Associates court document management software does not sufficiently randomize file... Moderate Unreviewed
CVE-2023-6376 was published Nov 30, 2023
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R... Moderate Unreviewed
CVE-2023-24478 was published Aug 15, 2023
Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow... Moderate Unreviewed
CVE-2022-43485 was published Jul 6, 2023
Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S,... Moderate Unreviewed
CVE-2022-26080 was published Jul 6, 2023
crypto-js uses insecure random numbers Moderate
CVE-2020-36732 was published for crypto-js (npm) Jun 12, 2023
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the... Moderate Unreviewed
CVE-2023-20016 was published Feb 23, 2023
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39... Moderate Unreviewed
CVE-2023-22912 was published Jan 20, 2023
A vulnerability, which was classified as problematic, has been found in fredsmith utils. This... Moderate Unreviewed
CVE-2021-4277 was published Dec 25, 2022
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Moderate Unreviewed
CVE-2022-20941 was published Nov 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database