GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
248 advisories
Filter by severity
In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27636
was published
Oct 10, 2023
In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27630
was published
Oct 10, 2023
In Contiki 4.5, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27634
was published
Oct 10, 2023
In PicoTCP 1.7.0, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27635
was published
Oct 10, 2023
In FNET 4.6.3, TCP ISNs are improperly random.
Critical
Unreviewed
CVE-2020-27633
was published
Oct 10, 2023
An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers ...
High
Unreviewed
CVE-2020-27213
was published
Oct 10, 2023
Magento LTS's guest order "protect code" can be brute-forced too easily
High
CVE-2023-41879
was published
for
openmage/magento-lts
(Composer)
Sep 11, 2023
An authentication bypass vulnerability exists in the OAS Engine authentication functionality of...
High
Unreviewed
CVE-2023-34353
was published
Sep 5, 2023
There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass...
Critical
Unreviewed
CVE-2023-39979
was published
Sep 2, 2023
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper...
Critical
Unreviewed
CVE-2023-4344
was published
Aug 15, 2023
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R...
Moderate
Unreviewed
CVE-2023-24478
was published
Aug 15, 2023
Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation...
Critical
Unreviewed
CVE-2023-3373
was published
Aug 4, 2023
Functions with insufficient randomness were used to generate authorization tokens of the...
High
Unreviewed
CVE-2023-26451
was published
Aug 2, 2023
A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster...
Low
Unreviewed
CVE-2023-3803
was published
Jul 21, 2023
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000...
High
Unreviewed
CVE-2023-20185
was published
Jul 12, 2023
Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow...
Moderate
Unreviewed
CVE-2022-43485
was published
Jul 6, 2023
Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of...
High
Unreviewed
CVE-2023-1385
was published
Jul 6, 2023
Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S,...
Moderate
Unreviewed
CVE-2022-26080
was published
Jul 6, 2023
Use of insufficiently random values vulnerability in User Management Functionality in Synology...
High
Unreviewed
CVE-2023-2729
was published
Jun 13, 2023
Atlas Copco Power Focus 6000 web server uses a small amount of session ID numbers. An attacker...
High
Unreviewed
CVE-2023-1898
was published
Jun 12, 2023
crypto-js uses insecure random numbers
Moderate
CVE-2020-36732
was published
for
crypto-js
(npm)
Jun 12, 2023
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random...
Critical
Unreviewed
CVE-2023-2884
was published
May 25, 2023
A vulnerability was found in Konga 2.8.3 on Kong. It has been classified as problematic. This...
Low
Unreviewed
CVE-2023-2418
was published
Apr 29, 2023
Duplicate Advisory: Lemur subject to insecure random generation
High
GHSA-r4xg-4wrv-w72h
was published
for
lemur
(pip)
Apr 19, 2023
•
withdrawn
The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers...
High
Unreviewed
CVE-2023-26855
was published
Apr 4, 2023
ProTip!
Advisories are also available from the
GraphQL API