GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
189 advisories
Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3,...
Moderate
Unreviewed
CVE-2024-28013 was published Mar 28, 2024
A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature...
Moderate
Unreviewed
CVE-2024-20331 was published Oct 23, 2024
The Rambus SafeZone Basic Crypto Module, as used in certain Fujifilm (formerly Fuji Xerox)...
Critical
Unreviewed
CVE-2022-26320 was published Mar 15, 2022
TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure...
Moderate
Unreviewed
CVE-2024-22473 was published Feb 21, 2024
An issue was discovered in AdaCore ada_web_services 20.0 allows an attacker to escalate...
High
Unreviewed
CVE-2024-41708 was published Sep 25, 2024
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper...
Critical
Unreviewed
CVE-2023-4344 was published Aug 15, 2023
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow...
Moderate
Unreviewed
CVE-2024-42164 was published Aug 12, 2024
Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection...
Moderate
Unreviewed
CVE-2024-6348 was published Aug 19, 2024
A vulnerability, which was classified as problematic, was found in projectsend up to r1605....
Moderate
Unreviewed
CVE-2024-7659 was published Aug 12, 2024
Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow...
Moderate
Unreviewed
CVE-2024-42165 was published Aug 12, 2024
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in...
High
Unreviewed
CVE-2024-21460 was published Jul 1, 2024
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th...
High
Unreviewed
CVE-2024-25943 was published Jun 29, 2024
A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All...
High
Unreviewed
CVE-2024-35292 was published Jun 11, 2024
The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up...
Moderate
Unreviewed
CVE-2024-5149 was published Jun 5, 2024
MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication...
Critical
Unreviewed
CVE-2024-36389 was published Jun 2, 2024
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon...
High
Unreviewed
CVE-2020-1472 was published May 24, 2022
Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S,...
Moderate
Unreviewed
CVE-2022-26080 was published Jul 6, 2023
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE...
Critical
Unreviewed
CVE-2022-46353 was published Dec 13, 2022
In Contiki 4.5, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27634 was published Oct 10, 2023
An authentication bypass vulnerability exists in the OAS Engine authentication functionality of...
High
Unreviewed
CVE-2023-34353 was published Sep 5, 2023
In FNET 4.6.3, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27633 was published Oct 10, 2023
In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27630 was published Oct 10, 2023
In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27636 was published Oct 10, 2023
In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27631 was published Oct 10, 2023
In PicoTCP 1.7.0, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27635 was published Oct 10, 2023
ProTip! Advisories are also available from the GraphQL API.