Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
pyrad is vulnerable to the use of Insufficiently Random Values High
CVE-2013-0294 was published for pyrad (pip) May 5, 2022
pyftpdlib Use of Insufficiently Random Values of port selection on PASV command High
CVE-2007-6738 was published for pyftpdlib (pip) May 1, 2022
PyPinkSign uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption High
CVE-2023-48056 was published for pypinksign (pip) Nov 16, 2023
Pysaml2 improperly initializes encryption vector Moderate
CVE-2017-1000246 was published for pysaml2 (pip) Jul 16, 2018
zmthy
SimpleGeo python-oauth2 vulnerable to the use of Insufficiently Random Values to generate nonces Moderate
CVE-2013-4347 was published for oauth2 (pip) May 17, 2022
Lemur subject to insecure random generation High
CVE-2023-30797 was published for lemur (pip) Mar 1, 2023
kjsman
Duplicate Advisory: Lemur subject to insecure random generation High
GHSA-r4xg-4wrv-w72h was published for lemur (pip) Apr 19, 2023 withdrawn
Matrix Synapse Predictable Secret Key High
CVE-2019-5885 was published for matrix-synapse (pip) May 13, 2022
Insufficiently random values in Ansible Moderate
CVE-2020-10729 was published for ansible (pip) Jun 15, 2021
Ansible uses a socket with predictable filename in /tmp Low
CVE-2013-4259 was published for Ansible (pip) May 14, 2022
ProTip! Advisories are also available from the GraphQL API