GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
81 advisories
Filter by severity
Insecure Entropy Source - Math.random() in node-uuid
High
CVE-2015-8851
was published
for
node-uuid
(npm)
Apr 16, 2020
Insufficient Entropy in parsel
Critical
GHSA-vjvw-wcmw-pr26
was published
for
parsel
(npm)
Sep 4, 2020
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic...
High
Unreviewed
CVE-2022-33756
was published
Jun 17, 2022
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite,
...
High
Unreviewed
CVE-2020-29505
was published
Jul 12, 2022
An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1 and below for device not...
Low
Unreviewed
CVE-2019-15703
was published
May 24, 2022
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library...
Moderate
Unreviewed
CVE-2019-10064
was published
May 24, 2022
The authentication implementation on the xArm controller has very low entropy, making it...
High
Unreviewed
CVE-2020-10285
was published
May 24, 2022
A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit...
Moderate
Unreviewed
CVE-2021-3505
was published
May 24, 2022
Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce.
Critical
Unreviewed
CVE-2021-33027
was published
May 24, 2022
A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all...
Critical
Unreviewed
CVE-2021-22727
was published
May 24, 2022
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the...
High
Unreviewed
CVE-2020-25926
was published
May 24, 2022
dproxy-nexgen (aka dproxy nexgen) uses a static UDP source port (selected randomly only at boot...
Moderate
Unreviewed
CVE-2022-33989
was published
Aug 16, 2022
An insufficient entropy vulnerability caused by the improper use of randomness sources with low...
Moderate
Unreviewed
CVE-2022-34746
was published
Sep 21, 2022
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2)...
Moderate
Unreviewed
CVE-2008-1447
was published
May 3, 2022
websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation...
Critical
Unreviewed
CVE-2021-41615
was published
Aug 9, 2022
Insufficient Entropy in DotNetNuke
High
CVE-2018-15812
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
Insufficient Entropy in DotNetNuke
High
CVE-2018-18326
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
A Predictable Value Range from Previous Values issue was discovered in Schneider Electric Modicon...
Moderate
Unreviewed
CVE-2017-6030
was published
May 13, 2022
The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape...
High
Unreviewed
CVE-2014-8422
was published
May 13, 2022
Use of Cryptographically Weak Pseudo-Random Number Generator in Rclone
High
CVE-2020-28924
was published
for
github.com/rclone/rclone
(Go)
Jun 10, 2021
A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to...
Moderate
Unreviewed
CVE-2021-42138
was published
Dec 21, 2021
Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK...
Moderate
Unreviewed
CVE-2019-9555
was published
May 13, 2022
Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying...
Moderate
Unreviewed
CVE-2016-2564
was published
May 13, 2022
ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with...
High
Unreviewed
CVE-2017-0897
was published
May 13, 2022
An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The...
High
Unreviewed
CVE-2017-13992
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API