GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,610
Composer 4,714
Erlang 34
GitHub Actions 28
Go 2,300
Maven 5,576
npm 3,942
NuGet 708
pip 3,711
Pub 12
RubyGems 920
Rust 960
Swift 38

Unreviewed advisories

All unreviewed 256,765

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

95 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Migration, Backup, Staging WordPress plugin before 0.9.106 does not use sufficient... High Unreviewed

CVE-2024-7315 was published Oct 2, 2024

D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random... Moderate Unreviewed

CVE-2022-42159 was published Oct 14, 2022

Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy... High Unreviewed

CVE-2025-1860 was published Mar 28, 2025

Mojolicious versions from 7.28 through 9.39 for Perl may generate weak HMAC session secrets. ... Moderate Unreviewed

CVE-2024-58135 was published May 3, 2025

An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs... High Unreviewed

CVE-2017-17845 was published May 14, 2022

An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time... High Unreviewed

CVE-2016-10180 was published May 13, 2022

wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not... High Unreviewed

CVE-2017-5493 was published May 13, 2022

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs ... Critical Unreviewed

CVE-2025-3495 was published Apr 16, 2025

Crypt::CBC versions between 1.21 and 3.04 for Perl may use the rand() function as the default... Moderate Unreviewed

CVE-2025-2814 was published Apr 13, 2025

Net::Xero 0.044 and earlier for Perl uses the rand() function as the default source of entropy,... Moderate Unreviewed

CVE-2024-56370 was published Apr 5, 2025

In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image... Critical Unreviewed

CVE-2025-32754 was published Apr 10, 2025

In jenkins/ssh-slave Docker images based on Debian, SSH host keys are generated on image creation... Critical Unreviewed

CVE-2025-32755 was published Apr 10, 2025

The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces... High Unreviewed

CVE-2009-3238 was published May 2, 2022

OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random... High Unreviewed

CVE-2008-0166 was published May 1, 2022

The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong... Moderate Unreviewed

CVE-2024-56830 was published Jan 2, 2025

WebService::Xero 0.11 and earlier for Perl uses the rand() function as the default source of... Moderate Unreviewed

CVE-2024-52322 was published Apr 7, 2025

Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of... Moderate Unreviewed

CVE-2024-58036 was published Apr 7, 2025

Amon2::Auth::Site::LINE uses the String::Random module to generate nonce values. String::Random... Moderate Unreviewed

CVE-2024-57835 was published Apr 7, 2025

Web::API 2.8 and earlier for Perl uses the rand() function as the default source of entropy,... Moderate Unreviewed

CVE-2024-57868 was published Apr 7, 2025

Crypt::Salt for Perl version 0.01 uses insecure rand() function when generating salts for... Moderate Unreviewed

CVE-2025-1805 was published Apr 2, 2025

An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A... Critical Unreviewed

CVE-2022-45782 was published Feb 2, 2023

DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt... Moderate Unreviewed

CVE-2025-27551 was published Mar 26, 2025

DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt... Moderate Unreviewed

CVE-2025-27552 was published Mar 26, 2025

A use of a cryptographically weak pseudo-random number generator vulnerability in the... High Unreviewed

CVE-2021-26091 was published Mar 24, 2025

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including... High Unreviewed

CVE-2025-1796 was published Mar 20, 2025

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

95 advisories