GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
246 advisories
Lemur subject to insecure random generation
Low. GHSA-5fqv-mpj8-h7gm was published for lemur (pip) Mar 1, 2023

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the...
Moderate, Unreviewed. CVE-2023-20016 was published Feb 23, 2023

KASAGO TCP/IP stack provided by Zuken Elmic generates ISNs (Initial Sequence Number) for TCP...
Critical, Unreviewed. CVE-2022-43501 was published Feb 10, 2023

Rancher cattle-token is predictable
High. CVE-2022-43755 was published for github.com/rancher/rancher (Go) Jan 25, 2023

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39...
Moderate, Unreviewed. CVE-2023-22912 was published Jan 20, 2023

Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017...
High, Unreviewed. CVE-2017-5242 was published Jan 13, 2023

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version...
High, Unreviewed. CVE-2023-22601 was published Jan 13, 2023

A vulnerability has been found in Morgawr Muon 0.1.1 and classified as problematic. Affected by...
High, Unreviewed. CVE-2019-25089 was published Dec 27, 2022

A vulnerability, which was classified as problematic, has been found in fredsmith utils. This...
Moderate, Unreviewed. CVE-2021-4277 was published Dec 25, 2022

DNS NuGet package uses insufficiently random values
Critical. CVE-2021-4248 was published for DNS (NuGet) Dec 18, 2022

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE...
Critical, Unreviewed. CVE-2022-46353 was published Dec 13, 2022

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)...
Moderate, Unreviewed. CVE-2022-20941 was published Nov 16, 2022

Insufficient Entropy in PHPServerMon PRNG
Moderate. CVE-2021-4240 was published for phpservermon/phpservermon (Composer) Nov 16, 2022

PHPServerMon PRNG has Insufficient Entropy
Moderate. CVE-2021-4241 was published for phpservermon/phpservermon (Composer) Nov 16, 2022

A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1....
Moderate, Unreviewed. CVE-2022-3959 was published Nov 11, 2022

Use of unclaimed s3 bucket in tests and examples
Moderate. CVE-2022-36022 was published for org.deeplearning4j:dl4j-examples (Maven) Nov 10, 2022

Multiple W&T products of the Comserver Series use a small number space for allocating sessions...
Critical, Unreviewed. CVE-2022-42787 was published Nov 10, 2022

An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which...
Moderate, Unreviewed. CVE-2022-44795 was published Nov 7, 2022

An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict...
Critical, Unreviewed. CVE-2022-30935 was published Sep 29, 2022

ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used...
Moderate, Unreviewed. CVE-2022-38970 was published Sep 27, 2022

Fastly Compute@Edge JS Runtime has fixed random number seed during compilation
High. CVE-2022-39218 was published for @fastly/js-compute (npm) Sep 20, 2022

In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
Moderate, Unreviewed. CVE-2022-1615 was published Sep 2, 2022

Cryptographically weak PRNG in `utils.generateUUID`
Critical. CVE-2022-36045 was published for nodebb (npm) Aug 30, 2022

Apache OpenOffice supports the storage of passwords for web connections in the user's...
High, Unreviewed. CVE-2022-37400 was published Aug 16, 2022

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1...
High, Unreviewed. CVE-2022-30629 was published Aug 11, 2022