76 matches found
CVE-2026-7616
creationtimestamp| type| source ---|---|--- 2026-05-12 13:33:05+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlnvnmaz2s2s...
EUVD-2019-7616
Malware in sbrugna...
CVE-2025-40920
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...
DEBIAN-CVE-2025-40920
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...
UBUNTU-CVE-2025-40920
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...
CVE-2025-40920
CVE-2025-40920 affects Catalyst::Authentication::Credential::HTTP (Perl) up to version 1.018, where nonces are generated via Data::UUID, which uses a non-cryptographic source and yields v3 UUIDs. Fedora advisories (FEDORA-2025-6df5ab0b98 and FEDORA-2025-d72429a1f8) indicate the patch upgrades the...
CVE-2025-40920 Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl use insecurely generated nonces
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...
CVE-2025-40920
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...
RHSA-2023:7616
creationtimestamp| type| source ---|---|--- 2025-08-01 15:49:22+00:00| seen| Telegram/vqMv-pw9KY3Z5TMAkCKFJ81O0KEk3Kk9SHClQG6teUoaj50 2025-08-02 14:50:53+00:00| seen| Telegram/O48YTDst3MKwqXTmoA7eKUU-Al4YKF5xmz2EhGo0DjbdKvM 2025-08-02 17:49:06+00:00| seen|...
CVE-2025-7616
A vulnerability, which was classified as critical, has been found in gmg137 snap7-rs up to 1.142.1. Affected by this issue is the function pthreadconddestroy of the component Public API. The manipulation leads to memory corruption. The exploit has been disclosed to the public and may be used...
CVE-2024-7616
A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcamcgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this...
Linux Distros Unpatched Vulnerability : CVE-2017-7616
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensiti...
CVE-2024-7616 Edimax IC-6220DC/IC-5150W ipcam_cgi cgiFormString command injection
A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcamcgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this...
CVE-2024-7616 Edimax IC-6220DC/IC-5150W ipcam_cgi cgiFormString command injection
A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcamcgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this...
K08478022: Linux kernel vulnerability CVE-2017-7616
Security Advisory Description Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation...
Ubuntu: Security Advisory (USN-3406-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-41615
websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded onceuponatimeinparadise value, which does not follow the secret-data guideline for HTTP Digest Access Authentication in RFC 7616 section 3.3 or RFC 2617 section 3.2.1. NOTE:...
Hardcoded credentials
websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded onceuponatimeinparadise value, which does not follow the secret-data guideline for HTTP Digest Access Authentication in RFC 7616 section 3.3 or RFC 2617 section 3.2.1. NOTE:...
CVE-2021-41615
The CVE-2021-41615 entry relates to GoAhead WebServer 2.1.8 (websda.c) having insufficient nonce entropy because nonce calculation uses a hardcoded value (onceuponatimeinparadise) that does not comply with RFC 7616/2617 secret-data guidelines. The vulnerability is documented with a high CVSS v3.1...
CVE-2021-41615
websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded onceuponatimeinparadise value, which does not follow the secret-data guideline for HTTP Digest Access Authentication in RFC 7616 section 3.3 or RFC 2617 section 3.2.1. NOTE:...