SUSE CVE-2022-1615

In Samba, GnuTLS gnutlsrnd can fail and give predictable random values...

PT-2022-11593 · Unknown · Phpservermon

Name of the Vulnerable Software and Affected Versions: phpservermon affected versions not specified Description: A vulnerability was found in phpservermon, affecting the function setUserLoggedIn of the file src/psm/Service/User.php. The manipulation leads to the use of a predictable algorithm in ...

PT-2022-11592 · Unknown · Phpservermon

Name of the Vulnerable Software and Affected Versions: phpservermon affected versions not specified Description: A problematic issue was found in phpservermon, affecting the generatePasswordResetToken function of the file src/psm/Service/User.php. The manipulation leads to the use of a predictabl...

PT-2022-24817 · Unknown · Js Compute Runtime

Name of the Vulnerable Software and Affected Versions: JS Compute Runtime versions prior to 0.5.3 Description: The Math.random and crypto.getRandomValues methods fail to use sufficiently random values, making the sequence of random values predictable. An attacker can use the fixed seed to predict...

DEBIAN-CVE-2022-1615

In Samba, GnuTLS gnutlsrnd can fail and give predictable random values...

CVE-2022-1615

In Samba, GnuTLS gnutlsrnd can fail and give predictable random values...

ALPINE-CVE-2022-1615

In Samba, GnuTLS gnutlsrnd can fail and give predictable random values...

PT-2022-7528 · Gnutls +7 · Gnutls +7

Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: The issue is related to the function gnutls rnd in the GnuTLS package used by Samba, which generates insufficiently random values. This can potentially allow an attacker to gain access to...

Unbonding validator random selection can be predicted

Lines of code Vulnerability details Impact When unbonding, the pickvalidator function is supposed to choose a random validator to unstake from. However, this randomness can be predicted knowing the block height which is very easy to predict. let mut iterationindex = 0; while claimed.u128 0 let mu...

yii2 安全特征问题漏洞

yii2 is a fast, secure and professional PHP framework. A security vulnerability exists in yii2 that stems from yii2's susceptibility to predictable algorithms in random number generators...

SUSE: Security Advisory (SUSE-SU-2016:0908-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-28099

In Netflix OSS Hollow, since the Files.existsparent is run before creating the directories, an attacker can pre-create these directories with wide permissions. Additionally, since an insecure source of randomness is used, the file names to be created can be deterministically calculated...

GHSA-V6WR-FCH2-VM5W OrientDB Server Community Edition uses insufficiently random values to generate session IDs

OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 improperly relies on the java.util.Random class for generation of random Session ID values in the server/network/protocol/http/OHttpSessionManager.java, which makes it easier for remote attackers to predict a value by...

NTP 'ntp-keygen.c' Predictable Random Number Generation Vulnerability

NTP Network Time Protocol is a protocol for synchronizing computer clocks over a network. A predictable random number generation vulnerability exists in NTP. An attacker can exploit this vulnerability to guess the MD5 key and spoof the client or server...

GNU Libgcrypt and GnuPG Predictable Random Number Generation Vulnerability

GNU Libgcrypt and GnuPG GNU Privacy Guard are both general-purpose cryptographic libraries developed by the GNU Project based on the GnuPG code. A predictable random number generation vulnerability exists in the mixing function in GNU Libgcrypt prior to 1.6.3-2+deb8u2 and GnuPG prior to...

PHP 'openssl_random_pseudo_bytes()' function design vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. There is a security vulnerability in PHP that can be exploited by an attacker to cause the program to generate predictable random numbers...

openSUSE Security Update : gcc5 (openSUSE-2016-472)

The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements. The following security issue has been fixed : - Fix C++11 std::randomdevice short read issue that could lead to predictable randomness. CVE-2015-5276, bsc945842 The following non-security issues...

SUSE-SU-2016:0908-2 Security update for gcc5

The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements. The following security issue has been fixed: - Fix C++11 std::randomdevice short read issue that could lead to predictable randomness. CVE-2015-5276, bsc945842 The following non-security issues...

Sensio Labs Symfony Predictable Random Number Generation Vulnerability

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A predictable random number generation vulnerability exist...

UBUNTU-CVE-2015-5276

The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors...