Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

104 advisories

Loading
Improper random number generation in nanorand Moderate
CVE-2020-35926 was published for nanorand (Rust) Aug 25, 2021
Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm... High Unreviewed
CVE-2023-28395 was published Mar 28, 2023
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with... Critical Unreviewed
CVE-2022-35255 was published Dec 6, 2022
The use of a cryptographically weak pseudo-random number generator in the password reset feature... High Unreviewed
CVE-2021-36171 was published Mar 2, 2022
Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a... High Unreviewed
CVE-2013-20003 was published Feb 10, 2022
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. High Unreviewed
CVE-2021-45489 was published Dec 26, 2021
It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates... Critical Unreviewed
CVE-2017-18021 was published May 14, 2022
An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs... High Unreviewed
CVE-2017-17845 was published May 14, 2022
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler... Moderate Unreviewed
CVE-2017-11671 was published May 14, 2022
** DISPUTED ** The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology... High Unreviewed
CVE-2017-9230 was published May 14, 2022
The endCoinFlip function and throwSlammer function of the smart contract implementations for... High Unreviewed
CVE-2018-14715 was published May 14, 2022
The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an... High Unreviewed
CVE-2018-12454 was published May 14, 2022
The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game,... Moderate Unreviewed
CVE-2018-12885 was published May 14, 2022
A lottery smart contract implementation for Greedy 599, an Ethereum gambling game, generates a... High Unreviewed
CVE-2018-17877 was published May 14, 2022
A gambling smart contract implementation for RuletkaIo, an Ethereum gambling game, generates a... High Unreviewed
CVE-2018-17968 was published May 14, 2022
The random() function of the smart contract implementation for CryptoSaga, an Ethereum game,... High Unreviewed
CVE-2018-12975 was published May 14, 2022
The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum... High Unreviewed
CVE-2018-17071 was published May 14, 2022
The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling... High Unreviewed
CVE-2018-12056 was published May 14, 2022
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed
CVE-2018-5837 was published May 13, 2022
The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum... High Unreviewed
CVE-2018-15552 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... Moderate Unreviewed
CVE-2018-5871 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... High Unreviewed
CVE-2018-11290 was published May 13, 2022
In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650,... High Unreviewed
CVE-2018-11291 was published May 13, 2022
Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3... High Unreviewed
CVE-2017-8081 was published May 13, 2022
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not... High Unreviewed
CVE-2017-5493 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database