18 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-34871
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number...
CVE-2025-52578
CVE-2025-52578 describes an incorrect usage of seeds in a pseudo-random number generator (PRNG) affecting Gallagher Command Centre Server. The issue allows a sophisticated attacker with physical access to compromise internal device communications. Affected versions include 9.30 before vCR9.30.251...
EUVD-2008-3158
Malware in sbrugna...
PT-2025-32706 · Intel · Intel Tdx Firmware
Name of the Vulnerable Software and Affected Versions: IntelR TDX firmware affected versions not specified Description: A predictable seed in the Pseudo-Random Number Generator PRNG within the firmware may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2024-45751
tgt aka Linux target framework before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical...
USN-7024-1: tgt vulnerability
It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical...
Ubuntu 20.04 LTS : tgt vulnerability (USN-7024-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7024-1 advisory. It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always...
Updated tgt packages fix security vulnerability
tgt aka Linux target framework before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical. CVE-2024-45751...
CVE-2024-45751
tgt aka Linux target framework before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical...
CVE-2024-45751
tgt aka Linux target framework before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical...
CVE-2024-45751
tgt aka Linux target framework before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical...
CVE-2024-45751
CVE-2024-45751 affects the tgt (Linux target framework). The vulnerability is caused by using rand without srand in entropy gathering, making the PRNG seed always 1 and producing identical challenge sequences. Affected versions are tgt before 1.0.93. The documented remediation is to upgrade to 1....
PT-2024-31748
Name of the Vulnerable Software and Affected Versions: tgt versions prior to 1.0.93 Description: The issue is related to the Linux target framework tgt attempting to generate random numbers by using rand without srand, resulting in a predictable PRNG seed. This causes the sequence of challenges t...
Humhub Insecure Password Validation / Reset
Humhub insecure password validation and reset design + Discovered by: Jos Wetzels + Affects: Humhub password == $this-hashPassword$password Here a hash of the user-supplied password gets compared to the stored hash in an insecure manner, since PHP's loose type comparison operators compare only...
Design/Logic Flaw
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed...
CVE-2008-3168
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed...
CVE-2008-3168
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed...
CVE-2008-3168
The CVE-2008-3168 entry concerns Empire Server before version 4.3.15, where the files utility discloses the world creation time. This timing leak reduces entropy for the PRNG seed and is described as a vulnerability in the NVD entry; no exploit details are provided in the connected documents. The...