Lucene search
+L

84051 matches found

euvd
euvd
added 2026/06/26 8:13 a.m.9 views

EUVD-2026-39641

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess...

7.5CVSS5.7AI score0.00447EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/26 8:7 a.m.6 views

CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

5.8AI score0.00309EPSS
Exploits0References5
euvd
euvd
added 2026/06/26 8:7 a.m.9 views

EUVD-2026-39640

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS5.7AI score0.00447EPSS
Exploits0References4
debiancve
debiancve
added 2026/06/26 8:7 a.m.7 views

CVE-2026-11625

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS5.8AI score0.00309EPSS
Exploits0
cvelist
cvelist
added 2026/06/26 8:7 a.m.43 views

CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

0.00309EPSS
Exploits0References5
cve
cve
added 2026/06/26 8:7 a.m.21 views

CVE-2026-11625

CVE-2026-11625 affects Bytes::Random::Secure for Perl up to version 0.29. The PRNG internal state is shared across forked processes when an object is created before forking or when the functional interface is used, causing identical random streams and potentially exposing secrets generated in mul...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References5
osv
osv
added 2026/06/26 8:7 a.m.5 views

CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS5.9AI score0.00447EPSS
Exploits0References9
redhatcve
redhatcve
added 2026/06/26 7:40 a.m.7 views

CVE-2026-53162

A flaw was found in the Linux kernel's memory cgroup memcg subsystem. When a non-maskable interrupt NMI occurs during an update of the system's random number generation state, it can lead to corruption of that state. This issue can result in memory cgroup charge draining, potentially causing syst...

7.8CVSS5.8AI score0.00136EPSS
Exploits0References4
susecve
susecve
added 2026/06/26 2:11 a.m.8 views

SUSE CVE-2026-53162

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

7.8CVSS5.8AI score0.00136EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.15 views

PT-2026-52682

Name of the Vulnerable Software and Affected Versions Bytes::Random::Secure::Tiny versions prior to 1.012 Description Internal state for the Pseudo-Random Number Generator PRNG is shared across forked processes when an object is initialized before the fork occurs. This leads to the production of...

7.5CVSS5.7AI score0.00292EPSS
Exploits0References12
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.19 views

PT-2026-52681

Name of the Vulnerable Software and Affected Versions Bytes::Random::Secure versions prior to 0.30 Description Internal state for the Pseudo-Random Number Generator PRNG is shared across forked processes when an object is initialized before forking or when the functional interface is used. This...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References11
ossf
ossf
added 2026/06/25 10:58 p.m.7 views

Malicious code in random-string-64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fea72321e7eb57feb094bc31de2393ec2a56903156e1257a062e40541785b96 The package advertises itself as a 5-line random-string generator, but index.js the declared main contains a hardcoded AES-256-CBC ciphertext blob th...

6AI score
Exploits0References3
osv
osv
added 2026/06/25 10:58 p.m.7 views

MAL-2026-6484 Malicious code in random-string-64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fea72321e7eb57feb094bc31de2393ec2a56903156e1257a062e40541785b96 The package advertises itself as a 5-line random-string generator, but index.js the declared main contains a hardcoded AES-256-CBC ciphertext blob th...

6AI score
Exploits0References3
cve
cve
added 2026/06/25 8:38 a.m.8 views

CVE-2026-53162

Summary (CVE-2026-53162) : In the Linux kernel memcg subsystem, a non-NMI-safe path around random-number generation during NMI handling could corrupt the ChaCha batch state, enabling memcg charge draining. The fix replaces the get_random_u32_below() path with a per-CPU round-robin counter stored ...

7.8CVSS5.8AI score0.00136EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/06/25 8:38 a.m.32 views

CVE-2026-53162 memcg: use round-robin victim selection in refill_stock

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

7.8CVSS0.00136EPSS
Exploits0References3
osv
osv
added 2026/06/25 8:38 a.m.2 views

CVE-2026-53162 memcg: use round-robin victim selection in refill_stock

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

7.8CVSS5.8AI score0.00136EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.10 views

PT-2026-52258

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the memory control group memcg where the get random u32 below function is called during memcg charge draining, which can occur in the Non-Maskable Interrupt NMI contex...

7.8CVSS6AI score0.00136EPSS
Exploits0References17
nvd
nvd
added 2026/06/24 1:16 p.m.9 views

CVE-2026-13140

Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e...

2CVSS0.00185EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/24 11:12 a.m.5 views

CVE-2026-13140

Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e...

2CVSS5.8AI score0.00185EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2026/06/24 11:12 a.m.7 views

EUVD-2026-38736

Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e...

2CVSS5.8AI score0.00185EPSS
Exploits0References1
Rows per page
Query Builder