GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
Cryptographically Weak PRNG in randomatic
Moderate
CVE-2017-16028
was published
for
randomatic
(npm)
Oct 9, 2018
Cryptographically Weak PRNG in generate-password
Moderate
GHSA-6qqf-vvcr-7qrv
was published
for
generate-password
(npm)
May 23, 2019
Use of Cryptographically Weak Pseudo-Random Number Generator in org.pac4j:pac4j-saml
Moderate
CVE-2019-10755
was published
for
org.pac4j:pac4j-saml
(Maven)
Nov 6, 2019
miekg/dns insecurely generates random numbers
Moderate
CVE-2019-19794
was published
for
github.com/miekg/dns
(Go)
May 18, 2021
Improper random number generation in nanorand
Moderate
CVE-2020-35926
was published
for
nanorand
(Rust)
Aug 25, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev
Moderate
CVE-2021-3692
was published
for
yiisoft/yii2-dev
(Composer)
Sep 1, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in showdoc
Moderate
CVE-2021-3678
was published
for
showdoc/showdoc
(Composer)
Sep 2, 2021
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Moderate
CVE-2021-3990
was published
for
showdoc/showdoc
(Composer)
Dec 3, 2021
Apache Syncope uses a weak PNRG
Moderate
CVE-2014-3503
was published
for
org.apache.syncope:syncope
(Maven)
May 14, 2022
Magento 2 Community Cryptographic Flaw
Moderate
CVE-2019-7855
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Weak PRNG
Moderate
CVE-2019-8113
was published
for
magento/community-edition
(Composer)
May 24, 2022
Weak private key generation in SSH.NET
Moderate
CVE-2022-29245
was published
for
SSH.NET
(NuGet)
Jun 1, 2022
stormpath/sdk uses Insecure Random Number Generator
Moderate
GHSA-q8fc-v85f-78pw
was published
for
stormpath/sdk
(Composer)
May 29, 2024
ProTip!
Advisories are also available from the
GraphQL API