Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea... High Unreviewed
CVE-2024-1579 was published Apr 29, 2024
Fastly Compute@Edge JS Runtime has fixed random number seed during compilation High
CVE-2022-39218 was published for @fastly/js-compute (npm) Sep 20, 2022
JakeChampion
An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffic Manager before 21.1 could... High Unreviewed
CVE-2021-31922 was published May 24, 2022
A predictable seed vulnerability exists in the password reset functionality of Epignosis... High Unreviewed
CVE-2020-28597 was published May 24, 2022
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the... High Unreviewed
CVE-2020-11616 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator. High Unreviewed
CVE-2020-13784 was published May 24, 2022
Insecure PRNG use in random_password_generator High
CVE-2019-25061 was published for random_password_generator (RubyGems) May 19, 2022
An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of... High Unreviewed
CVE-2018-12520 was published May 13, 2022
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows... High Unreviewed
CVE-2017-5214 was published May 13, 2022
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time... High Unreviewed
CVE-2016-10180 was published May 13, 2022
Cryptographic Issues in ECK High
CVE-2020-7010 was published for github.com/elastic/cloud-on-k8s (Go) Feb 15, 2022
Piwigo is image gallery software written in PHP. When a criteria is not met on a host, piwigo... High Unreviewed
CVE-2016-3735 was published Jan 29, 2022
Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to... High Unreviewed
CVE-2021-34600 was published Jan 21, 2022
A flaw in the previous versions of the product may allow an authenticated attacker the ability to... High Unreviewed
CVE-2021-42810 was published Jan 20, 2022
Insecure random number generation in keypair High
CVE-2021-41117 was published for keypair (npm) Oct 11, 2021
vcsjones
ProTip! Advisories are also available from the GraphQL API