GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
15 advisories
The devices are vulnerable to session hijacking due to insufficient entropy in its session ID...
Critical | Unreviewed | CVE-2024-47945 was published Oct 15, 2024
Unable to generate the correct character set
Critical | CVE-2024-36400 was published for nano-id (Rust) Jun 4, 2024
nano-id reduced entropy due to inadequate character set usage
Critical | GHSA-2hfw-w739-p7x5 was published for nano-id (Rust) Jun 4, 2024
Hitron CODA-4582 and CODA-4589 devices have default PSKs that are generated from 5-digit hex...
Critical | Unreviewed | CVE-2024-25730 was published Feb 24, 2024
WWBN AVideo Insufficient Entropy vulnerability
Critical | CVE-2023-49599 was published for wwbn/avideo (Composer) Jan 10, 2024
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper...
Critical | Unreviewed | CVE-2023-4344 was published Aug 15, 2023
The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an...
Critical | Unreviewed | CVE-2023-3325 was published Jun 20, 2023
GoUtils's randomly-generated alphanumeric strings contain significantly less entropy than expected
Critical | CVE-2021-4238 was published for github.com/Masterminds/goutils (Go) Dec 28, 2022
websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation...
Critical | Unreviewed | CVE-2021-41615 was published Aug 9, 2022
Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
Critical | Unreviewed | CVE-2013-2260 was published May 24, 2022
A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all...
Critical | Unreviewed | CVE-2021-22727 was published May 24, 2022
Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce.
Critical | Unreviewed | CVE-2021-33027 was published May 24, 2022
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass...
Critical | Unreviewed | CVE-2021-36320 was published Nov 21, 2021
Insufficient Entropy in parsel
Critical | GHSA-vjvw-wcmw-pr26 was published for parsel (npm) Sep 4, 2020
Insufficient Entropy in cryptiles
Critical | CVE-2018-1000620 was published for cryptiles (npm) Sep 11, 2018