Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 10:38 p.m.11 views

CVE-2022-36045

NodeBB Forum Software is powered by Node.js and supports either Redis, MongoDB, or a PostgreSQL database. It utilizes web sockets for instant interactions and real-time notifications. utils.generateUUID, a helper function available in essentially all versions of NodeBB as far back as v1.0.1 and...

9.8CVSS6.9AI score0.01052EPSS
Exploits0
Circl
Circl
added 2022/08/31 6:36 p.m.10 views

CVE-2022-36045

creationtimestamp| type| source ---|---|--- 2022-08-31 18:36:54+00:00| seen| https://t.me/cibsecurity/49106...

9.8CVSS8.7AI score0.01052EPSS
Exploits0References1
CVE
CVE
added 2022/08/31 3:10 p.m.78 views

CVE-2022-36045

CVE-2022-36045 affects NodeBB Forum Software. The root cause is a cryptographically weak PRNG used by the helper function utils.generateUUID (uses Math.random()), enabling an attacker to possibly calculate reset codes and takeover an account without victim involvement. Affected versions include e...

9.8CVSS9.3AI score0.01052EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/08/31 3:10 p.m.52 views

CVE-2022-36045 Account takeover via cryptographically weak PRNG in NodeBB Forum

NodeBB Forum Software is powered by Node.js and supports either Redis, MongoDB, or a PostgreSQL database. It utilizes web sockets for instant interactions and real-time notifications. utils.generateUUID, a helper function available in essentially all versions of NodeBB as far back as v1.0.1 and...

9CVSS9.7AI score0.01052EPSS
Exploits0References3
Rows per page
Query Builder