Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

107 matches found

Veracode
Veracodeadded 2017/01/03 2:51 a.m.10 views

Insecure Random Number Generator

net-http-digestauth is vulnerable to insecure random number generation. The library uses Kernelrand which is a repeatable sequence of numbers, allowing a malicious user to guess the number under certain circumstances...

6.7AI score
Exploits0
Veracode
Veracodeadded 2016/12/14 7:24 a.m.8 views

Insecure Random Number Generator

django-simple-sso is vulnerable to brute force attacks due to it's insecure random number generator. The random number generator generates pseudo-random numbers rather than a cryptographically secure random number...

6.6AI score
Exploits0
Huawei
Huaweiadded 2016/08/10 12:0 a.m.24 views

Security Advisory - A Security Vulnerability of Using Insecure Random Numbers to Generate Self-signed Certificates in Huawei Products

Some Huawei products automatically generate self-signed certificates upon the first use. The random numbers used to generate these certificates are not random enough. Different devices' certificates may use the same random number consequently, which contains the risk of an attacker compromising t...

5.3CVSS5.3AI score0.00832EPSS
Exploits0Affected Software12
Cvelist
Cvelistadded 2016/02/20 1:0 a.m.22 views

CVE-2016-1927

The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach...

7.2AI score0.02688EPSS
Exploits0References8
NVD
NVDadded 2009/01/20 4:30 p.m.24 views

CVE-2008-5913

The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a...

4.9CVSS9.3AI score0.01141EPSS
Exploits1References25
Friends Of PHP
Friends Of PHPadded 1970/01/01 12:0 a.m.21 views

Insecure Random Number Generator

Insecure RNG: stormpath-sdk-php/src/Util/UUID.php Lines 167 to 181 in 15aee30 / Generate an UUID version 4 pseudo random / static private function generateRandom$ns, $node $uuid = self::$muuidfield; $uuid'timehi' = 4 12 | mtrand0, 0x1000; $uuid'clockseqhi' = 1 7 | mtrand0, 128; $uuid'timelow' =...

0.9AI score
Exploits0Affected Software1
Friends Of PHP
Friends Of PHPadded 1970/01/01 12:0 a.m.14 views

Insecure Random Number Generator

Insecure RNG: https://github.com/stormpath/stormpath-sdk-php/blob/15aee3007b8aa41c20cdf28fd650b8a2368a7fa9/src/Util/UUID.phpL167-L181 Insecure RNG fallback: https://github.com/stormpath/stormpath-sdk-php/blob/62698ea98ef89217f932e28cf3e511d39af3b4cf/src/Authc/Api/ApiKeyEncryptionOptions.phpL48-L5...

7.1AI score
Exploits0Affected Software1
Rows per page
Query Builder