GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
82 advisories
In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy...
Moderate | Unreviewed | CVE-2026-2878 was published Feb 25, 2026

An insufficient entropy vulnerability was found in glibc. The getrandom and arc4random family of...
Moderate | Unreviewed | CVE-2025-0577 was published Feb 18, 2026

The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within...
Moderate | Unreviewed | CVE-2026-2541 was published Feb 15, 2026

DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions. ...
Low | Unreviewed | CVE-2025-7432 was published Feb 9, 2026

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the...
High | Unreviewed | CVE-2026-1814 was published Feb 3, 2026

A weakness in the web interface’s application layer encryption in VX800v v1.0 allows an adjacent...
High | Unreviewed | CVE-2025-13399 was published Jan 29, 2026

Arteco Web Client DVR/NVR contains a session hijacking vulnerability with insufficient session ID...
High | Unreviewed | CVE-2020-36925 was published Jan 6, 2026

VPN Firewall developed by QNO Technology has an Insufficient Entropy vulnerability, allowing...
High | Unreviewed | CVE-2025-15387 was published Dec 31, 2025

The Litmus platform uses JWT for authentication and authorization, but the secret being used for...
High | Unreviewed | CVE-2025-14261 was published Dec 8, 2025

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore...
Moderate | Unreviewed | CVE-2025-32898 was published Dec 5, 2025

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens...
Low | Unreviewed | CVE-2025-62774 was published Oct 22, 2025

Crypt::RandomEncryption for Perl version 0.01 uses the insecure rand() function during encryption.
Critical | Unreviewed | CVE-2024-58040 was published Sep 30, 2025

CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when...
High | Unreviewed | CVE-2025-50122 was published Jul 11, 2025

WebService::Xero 0.11 and earlier for Perl uses the rand() function as the default source of...
Moderate | Unreviewed | CVE-2024-52322 was published Apr 7, 2025

Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of...
Moderate | Unreviewed | CVE-2024-58036 was published Apr 7, 2025

Web::API 2.8 and earlier for Perl uses the rand() function as the default source of entropy,...
Moderate | Unreviewed | CVE-2024-57868 was published Apr 7, 2025

Net::Xero 0.044 and earlier for Perl uses the rand() function as the default source of entropy,...
Moderate | Unreviewed | CVE-2024-56370 was published Apr 5, 2025

Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy...
High | Unreviewed | CVE-2025-1860 was published Mar 28, 2025

DBIx::Class::EncodedColumn uses the rand() function, which is not cryptographically secure to salt...
Moderate | Unreviewed | CVE-2025-27552 was published Mar 26, 2025

DBIx::Class::EncodedColumn uses the rand() function, which is not cryptographically secure to salt...
Moderate | Unreviewed | CVE-2025-27551 was published Mar 26, 2025

Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private...
High | Unreviewed | CVE-2025-29311 was published Mar 24, 2025

The DPA countermeasures on Silicon Labs' Series 2 devices are not reseeded periodically as they...
Moderate | Unreviewed | CVE-2024-9055 was published Mar 17, 2025

Crypt::Random Perl package 1.05 through 1.55 may use the rand() function, which is not...
High | Unreviewed | CVE-2025-1828 was published Mar 11, 2025

Bangkok Medical Software HOSxP XE v4.64.11.3 was discovered to contain a hardcoded IDEA Key-IV...
High | Unreviewed | CVE-2024-53522 was published Jan 7, 2025

In RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect...
Moderate | Unreviewed | CVE-2018-9426 was published Dec 3, 2024

ProTip! Advisories are also available from the GraphQL API.