GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,527

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

53 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature... Moderate Unreviewed

CVE-2024-20331 was published Oct 23, 2024

The devices are vulnerable to session hijacking due to insufficient entropy in its session ID... Critical Unreviewed

CVE-2024-47945 was published Oct 15, 2024

Eufy HomeBase 2 model T8010X v3.2.8.3h was discovered to use the deprecated wireless protocol... High Unreviewed

CVE-2023-37822 was published Oct 3, 2024

An insufficient entropy vulnerability caused by the improper use of a randomness function with... Moderate Unreviewed

CVE-2024-38270 was published Sep 10, 2024

An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor,... Moderate Unreviewed

CVE-2023-49927 was published Jun 5, 2024

Hitron CODA-4582 and CODA-4589 devices have default PSKs that are generated from 5-digit hex... Critical Unreviewed

CVE-2024-25730 was published Feb 24, 2024

SteVe v3.6.0 was discovered to use predictable transaction ID's when receiving a StartTransaction... High Unreviewed

CVE-2024-25407 was published Feb 13, 2024

An insufficient entropy vulnerability was identified in GitHub Enterprise Server (GHES) that... High Unreviewed

CVE-2023-46648 was published Dec 21, 2023

An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could... High Unreviewed

CVE-2023-31176 was published Nov 30, 2023

An insufficient entropy vulnerability has been reported to affect QNAP operating systems. If... Moderate Unreviewed

CVE-2023-34973 was published Aug 24, 2023

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper... Critical Unreviewed

CVE-2023-4344 was published Aug 15, 2023

Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated,... Moderate Unreviewed

CVE-2023-38357 was published Aug 1, 2023

?The affected TBox RTUs generate software security tokens using insufficient entropy. The random... Moderate Unreviewed

CVE-2023-36610 was published Jul 3, 2023

The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an... Critical Unreviewed

CVE-2023-3325 was published Jun 20, 2023

A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom... High Unreviewed

CVE-2023-20107 was published Mar 23, 2023

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Moderate Unreviewed

CVE-2022-20941 was published Nov 16, 2022

An insufficient entropy vulnerability caused by the improper use of randomness sources with low... Moderate Unreviewed

CVE-2022-34746 was published Sep 21, 2022

Apache OpenOffice supports the storage of passwords for web connections in the user's... High Unreviewed

CVE-2022-37401 was published Aug 16, 2022

dproxy-nexgen (aka dproxy nexgen) uses a static UDP source port (selected randomly only at boot... Moderate Unreviewed

CVE-2022-33989 was published Aug 16, 2022

websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation... Critical Unreviewed

CVE-2021-41615 was published Aug 9, 2022

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, ... High Unreviewed

CVE-2020-29505 was published Jul 12, 2022

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic... High Unreviewed

CVE-2022-33756 was published Jun 17, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An... Moderate Unreviewed

CVE-2022-27221 was published Jun 15, 2022

Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness Critical Unreviewed

CVE-2013-2260 was published May 24, 2022

The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the... High Unreviewed

CVE-2020-25926 was published May 24, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

53 advisories