GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
190 advisories
An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of...
Moderate | Unreviewed | CVE-2018-19441 was published May 24, 2022

The WP Database Backup plugin through 5.5 for WordPress stores downloads by default locally in...
Moderate | Unreviewed | CVE-2020-7241 was published May 24, 2022

The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device...
Moderate | Unreviewed | CVE-2019-18282 was published May 24, 2022

A password generation weakness exists in xquest through 2016-06-13.
Low | Unreviewed | CVE-2016-4980 was published May 24, 2022

The token generator in index.php in Centreon Web before 2.8.27 is predictable.
Moderate | Unreviewed | CVE-2019-17105 was published May 24, 2022

Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap...
Critical | Unreviewed | CVE-2019-2294 was published May 24, 2022

OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include...
Moderate | Unreviewed | CVE-2019-1549 was published May 24, 2022

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while...
Moderate | Unreviewed | CVE-2019-12821 was published May 24, 2022

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap...
Moderate | Unreviewed | CVE-2019-1010025 was published May 24, 2022

Prima Systems FlexAir devices allow unauthenticated download of the database configuration backup...
Critical | Unreviewed | CVE-2019-7667 was published May 24, 2022

The doAirdrop function of a smart contract implementation for Primeo (PEO), an Ethereum token,...
Moderate | Unreviewed | CVE-2018-18425 was published May 24, 2022

CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of...
High | Unreviewed | CVE-2019-6821 was published May 24, 2022

gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which...
Moderate | Unreviewed | CVE-2019-11690 was published May 24, 2022

Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including...
High | Unreviewed | CVE-2019-11641 was published May 24, 2022

generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp...
Critical | Unreviewed | CVE-2014-6311 was published May 17, 2022

The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy...
Moderate | Unreviewed | CVE-2008-5162 was published May 17, 2022

Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it...
Moderate | Unreviewed | CVE-2008-4905 was published May 17, 2022

MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compose filenames of uploaded...
Moderate | Unreviewed | CVE-2008-4929 was published May 17, 2022

Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which...
High | Unreviewed | CVE-2016-5085 was published May 17, 2022

In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random...
Moderate | Unreviewed | CVE-2015-9019 was published May 17, 2022

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen...
High | Unreviewed | CVE-2017-7901 was published May 17, 2022

PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote...
High | Unreviewed | CVE-2017-10874 was published May 17, 2022

Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide...
High | Unreviewed | CVE-2022-30782 was published May 17, 2022

Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to...
Moderate | Unreviewed | CVE-2018-11045 was published May 14, 2022

The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum...
High | Unreviewed | CVE-2018-17987 was published May 14, 2022