GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,576
Composer 5,554
Erlang 49
GitHub Actions 49
Go 3,430
Maven 6,367
npm 5,652
NuGet 882
pip 4,680
Pub 13
RubyGems 1,029
Rust 1,212
Swift 53

Unreviewed advisories

All unreviewed 296,915

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

36 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy... Moderate Unreviewed

CVE-2026-2878 was published Feb 25, 2026

An insufficient entropy vulnerability was found in glibc. The getrandom and arc4random family of... Moderate Unreviewed

CVE-2025-0577 was published Feb 18, 2026

The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within... Moderate Unreviewed

CVE-2026-2541 was published Feb 15, 2026

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore... Moderate Unreviewed

CVE-2025-32898 was published Dec 5, 2025

WebService::Xero 0.11 and earlier for Perl uses the rand() function as the default source of... Moderate Unreviewed

CVE-2024-52322 was published Apr 7, 2025

Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of... Moderate Unreviewed

CVE-2024-58036 was published Apr 7, 2025

Web::API 2.8 and earlier for Perl uses the rand() function as the default source of entropy,... Moderate Unreviewed

CVE-2024-57868 was published Apr 7, 2025

Net::Xero 0.044 and earlier for Perl uses the rand() function as the default source of entropy,... Moderate Unreviewed

CVE-2024-56370 was published Apr 5, 2025

DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt... Moderate Unreviewed

CVE-2025-27552 was published Mar 26, 2025

DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt... Moderate Unreviewed

CVE-2025-27551 was published Mar 26, 2025

The DPA countermeasures on Silicon Labs' Series 2 devices are not reseeded periodically as they... Moderate Unreviewed

CVE-2024-9055 was published Mar 17, 2025

In RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect... Moderate Unreviewed

CVE-2018-9426 was published Dec 3, 2024

A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature... Moderate Unreviewed

CVE-2024-20331 was published Oct 23, 2024

An insufficient entropy vulnerability caused by the improper use of a randomness function with... Moderate Unreviewed

CVE-2024-38270 was published Sep 10, 2024

An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor,... Moderate Unreviewed

CVE-2023-49927 was published Jun 5, 2024

Chilkat before v9.5.0.98, allows attackers to obtain sensitive information via predictable PRNG... Moderate Unreviewed

CVE-2024-26329 was published Apr 5, 2024

TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure... Moderate Unreviewed

CVE-2024-22473 was published Feb 21, 2024

An insufficient entropy vulnerability has been reported to affect QNAP operating systems. If... Moderate Unreviewed

CVE-2023-34973 was published Aug 24, 2023

Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated,... Moderate Unreviewed

CVE-2023-38357 was published Aug 1, 2023

?The affected TBox RTUs generate software security tokens using insufficient entropy. The random... Moderate Unreviewed

CVE-2023-36610 was published Jul 3, 2023

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Moderate Unreviewed

CVE-2022-20941 was published Nov 16, 2022

An insufficient entropy vulnerability caused by the improper use of randomness sources with low... Moderate Unreviewed

CVE-2022-34746 was published Sep 21, 2022

dproxy-nexgen (aka dproxy nexgen) uses a static UDP source port (selected randomly only at boot... Moderate Unreviewed

CVE-2022-33989 was published Aug 16, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An... Moderate Unreviewed

CVE-2022-27221 was published Jun 15, 2022

A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit... Moderate Unreviewed

CVE-2021-3505 was published May 24, 2022

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

36 advisories