Lucene search
K

56 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-52312

Malicious code in bioql PyPI...

9.3CVSS9.3AI score0.01867EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-7482

Malicious code in bioql PyPI...

9.1CVSS7.5AI score0.01319EPSS
Exploits1References22
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-27230

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00174EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/30 12:0 a.m.3 views

NewStart CGSL MAIN 6.06 : gcc Vulnerability (NS-SA-2025-0227)

The remote NewStart CGSL host, running version MAIN 6.06, has gcc packages installed that are affected by a vulnerability: - The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy...

7.5CVSS7.2AI score0.03207EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/11 9:20 a.m.11 views

CVE-2025-59015

A deterministic three‑character prefix in the Password Generation component of TYPO3 CMS versions 12.0.0–12.4.36 and 13.0.0–13.4.17 reduces entropy, allowing attackers to carry out brute‑force attacks more quickly...

6.5CVSS6.8AI score0.00174EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/09/09 9:31 a.m.14 views

TYPO3 CMS uses insufficient entropy when generating passwords

A deterministic three‑character prefix in the Password Generation component of TYPO3 CMS versions 12.0.0–12.4.36 and 13.0.0–13.4.17 reduces entropy, allowing attackers to carry out brute‑force attacks more quickly...

6.5CVSS6.8AI score0.00174EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/09/09 9:15 a.m.8 views

CVE-2025-59015

A deterministic three‑character prefix in the Password Generation component of TYPO3 CMS versions 12.0.0–12.4.36 and 13.0.0–13.4.17 reduces entropy, allowing attackers to carry out brute‑force attacks more quickly...

6.5CVSS0.00174EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 9:0 a.m.7 views

CVE-2025-59015 Insufficient Entropy in Password Generation

A deterministic three‑character prefix in the Password Generation component of TYPO3 CMS versions 12.0.0–12.4.36 and 13.0.0–13.4.17 reduces entropy, allowing attackers to carry out brute‑force attacks more quickly...

6.3CVSS0.00174EPSS
Exploits0References1
OSV
OSV
added 2025/09/09 9:0 a.m.5 views

CVE-2025-59015 Insufficient Entropy in Password Generation

A deterministic three‑character prefix in the Password Generation component of TYPO3 CMS versions 12.0.0–12.4.36 and 13.0.0–13.4.17 reduces entropy, allowing attackers to carry out brute‑force attacks more quickly...

6.3CVSS5.9AI score0.00174EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.8 views

PT-2025-36691

Name of the Vulnerable Software and Affected Versions: TYPO3 CMS versions 12.0.0 through 12.4.36 TYPO3 CMS versions 13.0.0 through 13.4.17 Description: A deterministic three-character prefix in the Password Generation component reduces entropy, potentially enabling attackers to expedite brute-for...

6.5CVSS6.3AI score0.00174EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-15847

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing...

7.5CVSS7AI score0.03207EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.4 views

An Efficient Construction of Raz's Two-Source Randomness Extractor with Improved Parameters

Randomness extractors are algorithms that distill weak random sources into near-perfect random numbers. Two-source extractors enable this distillation process by combining two independent weak random sources. Raz's extractor STOC '05 was the first to achieve this in a setting where one source has...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/29 12:0 a.m.5 views

Data Encryption Battlefield: a Deep Dive into the Dynamic Confrontations in Ransomware Attacks

In the rapidly evolving landscape of cybersecurity threats, ransomware represents a significant challenge. Attackers increasingly employ sophisticated encryption methods, such as entropy reduction through Base64 encoding, and partial or intermittent encryption to evade traditional detection...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 4:50 a.m.16 views

CVE-2024-36400

nano-id is a unique string ID generator for Rust. Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62...

9.8CVSS6.6AI score0.00754EPSS
Exploits1References1
OSV
OSV
added 2024/12/06 4:14 p.m.10 views

CVE-2024-54143 openwrt/asu allows build artifact poisoning via truncated SHA-256 hash and command injection

openwrt/asu is an image on demand server for OpenWrt based distributions. The request hashing mechanism truncates SHA-256 hashes to only 12 characters. This significantly reduces entropy, making it feasible for an attacker to generate collisions. By exploiting this, a previously built malicious...

9.3CVSS9.6AI score0.01867EPSS
Exploits0References4
OSV
OSV
added 2024/06/04 6:40 p.m.14 views

GHSA-9HC7-6W9R-WJ94 Unable to generate the correct character set

Reduced entropy due to inadequate character set usage Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the...

9.4CVSS9.5AI score0.00754EPSS
Exploits1References5
OSV
OSV
added 2024/06/04 5:49 p.m.21 views

GHSA-2HFW-W739-P7X5 Duplicate Advisory: nano-id reduced entropy due to inadequate character set usage

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9hc7-6w9r-wj94. This link is maintained to preserve external references. Original Description Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the...

9.4CVSS5.3AI score0.00754EPSS
Exploits1References3
RustSec
RustSec
added 2024/06/03 12:0 p.m.8 views

Reduced entropy due to inadequate character set usage

Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62 symbols, and the base58 function used a...

9.8CVSS7AI score0.00754EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2023/11/07 8:38 a.m.9 views

c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation

A flaw was found in c-ares. This issue occurs when cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross-compiling aarch64 android. As a result, it will downgrade to rand, which could allow an attacker to utilize the lack of entropy by no...

3.7CVSS5.7AI score0.00936EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/07/12 8:33 a.m.7 views

c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation

A flaw was found in c-ares. This issue occurs when cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross-compiling aarch64 android. As a result, it will downgrade to rand, which could allow an attacker to utilize the lack of entropy by no...

3.7CVSS7.2AI score0.00936EPSS
Exploits0References5
Rows per page
Query Builder