GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
59 advisories
Filter by severity
On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then...
High
Unreviewed
CVE-2021-22038
was published
May 24, 2022
An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow...
High
Unreviewed
CVE-2021-26098
was published
May 24, 2022
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password...
High
Unreviewed
CVE-2020-13860
was published
May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol...
High
Unreviewed
CVE-2020-27264
was published
May 24, 2022
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon...
High
Unreviewed
CVE-2020-1472
was published
May 24, 2022
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector...
High
Unreviewed
CVE-2020-11877
was published
May 24, 2022
CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of...
High
Unreviewed
CVE-2019-6821
was published
May 24, 2022
Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including...
High
Unreviewed
CVE-2019-11641
was published
May 24, 2022
Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which...
High
Unreviewed
CVE-2016-5085
was published
May 17, 2022
A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen...
High
Unreviewed
CVE-2017-7901
was published
May 17, 2022
PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote...
High
Unreviewed
CVE-2017-10874
was published
May 17, 2022
Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide...
High
Unreviewed
CVE-2022-30782
was published
May 17, 2022
The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum...
High
Unreviewed
CVE-2018-17987
was published
May 14, 2022
In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure...
High
Unreviewed
CVE-2019-1997
was published
May 14, 2022
Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0.
High
Unreviewed
CVE-2018-20025
was published
May 14, 2022
POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be...
High
Unreviewed
CVE-2018-15807
was published
May 13, 2022
A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569...
High
Unreviewed
CVE-2017-17704
was published
May 13, 2022
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be...
High
Unreviewed
CVE-2017-17091
was published
May 13, 2022
Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380...
High
Unreviewed
CVE-2017-15654
was published
May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the...
High
Unreviewed
CVE-2017-13082
was published
May 13, 2022
Due to unencrypted signal communication and predictability of rolling codes, an attacker can ...
High
Unreviewed
CVE-2019-9860
was published
May 13, 2022
The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the...
High
Unreviewed
CVE-2019-8919
was published
May 13, 2022
The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote attackers to...
High
Unreviewed
CVE-2013-6925
was published
May 13, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
High
Unreviewed
CVE-2022-26071
was published
May 6, 2022
account-recover.php in TorrentTrader Classic 1.09 chooses random passwords from an insufficiently...
High
Unreviewed
CVE-2009-2158
was published
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API