GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
104 advisories
The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0...
Moderate | Unreviewed | CVE-2009-0255 was published on May 2, 2022

The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e...
Moderate | Unreviewed | CVE-2008-2020 was published on May 1, 2022

Use of Insufficiently Random Values in github.com/greenpau/caddy-security
Moderate | CVE-2024-21495 was published for github.com/greenpau/caddy-security (Go) on Feb 17, 2024

Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it...
Moderate | Unreviewed | CVE-2008-4905 was published on May 17, 2022

Jetty Uses Predictable Session Identifiers
Moderate | CVE-2006-6969 was published for org.eclipse.jetty:jetty-server (Maven) on May 1, 2022

TYPO3 is vulnerable to Insecure randomness in uniqid function
Moderate | CVE-2010-3666 was published for typo3/cms-install (Composer) on Apr 21, 2022

Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session....
Moderate | Unreviewed | CVE-2024-23688 was published on Jan 20, 2024

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)...
Moderate | Unreviewed | CVE-2022-20941 was published on Nov 16, 2022

In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This...
Moderate | Unreviewed | CVE-2023-32831 was published on Jan 2, 2024

Henschen & Associates court document management software does not sufficiently randomize file...
Moderate | Unreviewed | CVE-2023-6376 was published on Nov 30, 2023

An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface...
Moderate | Unreviewed | CVE-2020-17470 was published on May 24, 2022

golang.org/x/crypto/salsa20/salsa uses insufficiently random values
Moderate | CVE-2019-11840 was published for golang.org/x/crypto (Go) on May 24, 2022

In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
Moderate | Unreviewed | CVE-2022-1615 was published on Sep 2, 2022

OrientDB Server Community Edition uses insufficiently random values to generate session IDs
Moderate | CVE-2015-2913 was published for com.orientechnologies:orientdb-server (Maven) on Oct 18, 2018

Cryptographically Weak PRNG in randomatic
Moderate | CVE-2017-16028 was published for randomatic (npm) on Oct 9, 2018

miekg/dns insecurely generates random numbers
Moderate | CVE-2019-19794 was published for github.com/miekg/dns (Go) on May 18, 2021

A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All...
Moderate | Unreviewed | CVE-2021-25677 was published on May 24, 2022

Fat Free CRM has fixed token value
Moderate | CVE-2013-7222 was published for fat_free_crm (RubyGems) on May 17, 2022

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23...
Moderate | Unreviewed | CVE-2022-26317 was published on Mar 9, 2022

Insufficient Entropy in PHPServerMon PRNG
Moderate | CVE-2021-4240 was published for phpservermon/phpservermon (Composer) on Nov 16, 2022

PHPServerMon PRNG has Insufficient Entropy
Moderate | CVE-2021-4241 was published for phpservermon/phpservermon (Composer) on Nov 16, 2022

Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7...
Moderate | Unreviewed | CVE-2021-27499 was published on May 24, 2022

Incorrect Calculation and Use of Insufficiently Random Values in Python
Moderate | Unreviewed | CVE-2020-14422 was published on May 11, 2021

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the...
Moderate | Unreviewed | CVE-2023-20016 was published on Feb 23, 2023

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39...
Moderate | Unreviewed | CVE-2023-22912 was published on Jan 20, 2023