CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6720 matches found

OSV•added 2026/03/05 2:16 a.m.•3 views

UBUNTU-CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

9.1CVSS5.3AI score0.00583EPSS

Exploits0References5

Cvelist•added 2026/03/05 1:41 a.m.•25 views

CVE-2025-40931 Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id

0.00583EPSS

Exploits0References9

ATTACKERKB•added 2026/03/05 1:41 a.m.•3 views

CVE-2025-40931

9.1CVSS5.8AI score0.00583EPSS

Exploits0References10

CNNVD•added 2026/03/05 12:0 a.m.•2 views

Net::NSCA::Client 安全漏洞

Net::NSCA::Client is a Perl library developed by DOUGDUDE’s individual developer. Versions of Net::NSCA::Client 0.009002 and earlier contain security vulnerabilities, which stem from the use of insecure random number generators. This could lead to the prediction of session IDs...

9.1CVSS5.8AI score0.00409EPSS

Exploits0References3

Positive Technologies•added 2026/03/05 12:0 a.m.•6 views

PT-2026-23125

Name of the Vulnerable Software and Affected Versions Net::NSCA::Client versions through 0.009002 Description Net::NSCA::Client for Perl utilizes an inadequate random number generator. Version 0.003 transitioned to using Data::Rand::Obscure instead of Crypt::Random for generating initialization...

9.1CVSS5.8AI score0.00409EPSS

Exploits0References9

OSV•added 2026/03/04 12:0 p.m.•3 views

RUSTSEC-2026-0075 All-Zero Key Generation on Catastrophic RNG Failure

The libcrux-ed25519 key generation samples Ed25519 secret keys from a provided CSPRNG in a loop for up to 100 attempts until a non-zero key is found. If a non-zero key could not be sampled within 100 attempts the key generation function would silently continue with an all-zero buffer as the secre...

8.2CVSS5.9AI score

Exploits0References3

CNNVD•added 2026/03/03 12:0 a.m.•2 views

WordPress plugin AI ChatBot with ChatGPT and Content Generator by AYS 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00319EPSS

Exploits0References3

SUSE CVE•added 2026/03/02 12:28 a.m.•3 views

SUSE CVE-2025-40932

Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will...

8.2CVSS5.7AI score0.002EPSS

Exploits0References3

Packet Storm•added 2026/03/02 12:0 a.m.•126 views

📄 WordPress PDF Generator Addon for Elementor Page Builder 1.75 Traversal

Proof of concept exploit for a WordPress PDF Generator Addon for Elementor Page Builder plugin version 1.75 unauthenticated arbitrary file download vulnerability that leverages a path traversal...

7.5CVSS6AI score0.07486EPSS

Exploits3

Tenable Nessus•added 2026/03/01 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2025-40932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator ...

8.2CVSS5.5AI score0.002EPSS

Exploits0References3

OSV•added 2026/02/28 12:46 p.m.•4 views

OESA-2026-1463 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

6CVSS6AI score0.0056EPSS

Exploits0References4

EUVD•added 2026/02/27 9:31 p.m.•6 views

EUVD-2026-9063

HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand function. The HTTP::Session2 session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epo...

5.9AI score0.00418EPSS

Exploits0References5

OSV•added 2026/02/27 8:21 p.m.•3 views

CVE-2026-3255

6.5CVSS5.9AI score

Exploits0References5

NVD•added 2026/02/27 8:21 p.m.•4 views

CVE-2026-3255

6.5CVSS0.00418EPSS

Exploits0References5

EUVD•added 2026/02/27 12:31 a.m.•3 views

EUVD-2025-208124

8.2CVSS5.5AI score0.002EPSS

Exploits0References2

CNNVD•added 2026/02/27 12:0 a.m.•3 views

HTTP::Session2 安全漏洞

HTTP::Session2 is a Perl package developed by Tokuhiro Matsuno. Versions of HTTP::Session2 prior to version 1.12 contained security vulnerabilities. These vulnerabilities stemmed from the use of the rand function to generate weak session IDs, which could lead to the prediction of session IDs...

6.5CVSS5.8AI score0.00418EPSS

Exploits0References6

Positive Technologies•added 2026/02/27 12:0 a.m.•5 views

PT-2026-22392

Name of the Vulnerable Software and Affected Versions HTTP::Session2 versions prior to 1.12 Description The software may generate weak session IDs using the rand function. The session ID generator returns a SHA-1 hash seeded with the rand function, epoch time, and the process ID PID. The rand...

6.5CVSS5.9AI score0.00418EPSS

Exploits0References10