Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

8 advisories

Loading
Golf may allow attacker to bypass CSRF protections due to weak PRNG High
CVE-2016-15005 was published for github.com/dinever/golf (Go) Dec 28, 2022
Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of... High Unreviewed
CVE-2017-18486 was published May 24, 2022
A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom... High Unreviewed
CVE-2019-1715 was published May 24, 2022
PyCrypto does not properly reseed PRNG before allowing access High
CVE-2013-1445 was published for pycrypto (pip) May 17, 2022
Symfony Cryptographic Vulnerability High
CVE-2016-1902 was published for symfony/security (Composer) May 17, 2022
Huawei home gateways WS318 with software V100R001C01B022 and earlier versions are affected by the... High Unreviewed
CVE-2014-9690 was published May 17, 2022
hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random()... High Unreviewed
CVE-2016-10743 was published May 14, 2022
Siemens Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 for Desigo PX automation controllers... High Unreviewed
CVE-2016-9154 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database