GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 29,353
Composer 5,649
Erlang 49
GitHub Actions 49
Go 3,585
Maven 6,428
npm 5,888
NuGet 923
pip 4,817
Pub 13
RubyGems 1,043
Rust 1,251
Swift 53

Unreviewed advisories

All unreviewed 299,101

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

39 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys,... Moderate Unreviewed

CVE-2008-3280 was published Apr 21, 2022

SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number... Moderate Unreviewed

CVE-2022-41210 was published Oct 12, 2022

An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config... Moderate Unreviewed

CVE-2019-15075 was published May 24, 2022

BTCPay Server through 1.0.7.0 uses a weak method Next to produce pseudo-random values to generate... Moderate Unreviewed

CVE-2021-29245 was published May 24, 2022

Use of cryptographically weak pseudo-random number generator (PRNG) in an API for the Intel(R)... Moderate Unreviewed

CVE-2021-0131 was published May 24, 2022

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU... Moderate Unreviewed

CVE-2018-5871 was published May 13, 2022

The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game,... Moderate Unreviewed

CVE-2018-12885 was published May 14, 2022

Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler... Moderate Unreviewed

CVE-2017-11671 was published May 14, 2022

A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to... Moderate Unreviewed

CVE-2012-6124 was published Apr 23, 2022

Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183,... Moderate Unreviewed

CVE-2023-31290 was published Apr 27, 2023

An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle.... Moderate Unreviewed

CVE-2023-34363 was published Jun 9, 2023

Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative... Moderate Unreviewed

CVE-2024-5264 was published May 23, 2024

An issue ingalxe.com Galxe platform 1.0 allows a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2023-50059 was published Apr 30, 2024

An HTTP digest authentication nonce value was generated using `rand()` which could lead to... Moderate Unreviewed

CVE-2024-4772 was published May 14, 2024

tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand... Moderate Unreviewed

CVE-2024-45751 was published Sep 6, 2024

Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the... Moderate Unreviewed

CVE-2024-53702 was published Dec 5, 2024

The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand(), which is not a... Moderate Unreviewed

CVE-2002-20002 was published Jan 2, 2025

Crypt::Salt for Perl version 0.01 uses insecure rand() function when generating salts for... Moderate Unreviewed

CVE-2025-1805 was published Apr 2, 2025

Amon2::Auth::Site::LINE uses the String::Random module to generate nonce values. String::Random... Moderate Unreviewed

CVE-2024-57835 was published Apr 7, 2025

The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong... Moderate Unreviewed

CVE-2024-56830 was published Jan 2, 2025

D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random... Moderate Unreviewed

CVE-2022-42159 was published Oct 14, 2022

Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce... Moderate Unreviewed

CVE-2025-40919 was published Jul 16, 2025

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The... Moderate Unreviewed

CVE-2025-40924 was published Jul 17, 2025

Crypt::CBC versions between 1.21 and 3.04 for Perl may use the rand() function as the default... Moderate Unreviewed

CVE-2025-2814 was published Apr 13, 2025

Web::API 2.8 and earlier for Perl uses the rand() function as the default source of entropy,... Moderate Unreviewed

CVE-2024-57868 was published Apr 7, 2025

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

39 advisories