Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-11625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 9:16 a.m.8 views

CVE-2026-11702

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess...

7.5CVSS0.00292EPSS
Exploits0References5
NVD
NVD
added 2026/06/26 9:16 a.m.10 views

CVE-2026-11625

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS0.00309EPSS
Exploits0References5
OSV
OSV
added 2026/06/26 9:16 a.m.6 views

UBUNTU-CVE-2026-11625

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/26 8:13 a.m.6 views

CVE-2026-11702 Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess...

5.8AI score0.00292EPSS
Exploits0References5
CVE
CVE
added 2026/06/26 8:13 a.m.20 views

CVE-2026-11702

Affected: Bytes::Random::Secure::Tiny for Perl, versions up to 1.011. Root cause: PRNG internal state is shared across forked processes if an object is initialised before forking, leading to identical random streams. Impact: secrets generated in multiprocess apps can be predictable across process...

7.5CVSS5.8AI score0.00292EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/26 8:7 a.m.41 views

CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

0.00309EPSS
Exploits0References5
CVE
CVE
added 2026/06/26 8:7 a.m.15 views

CVE-2026-11625

CVE-2026-11625 affects Bytes::Random::Secure for Perl up to version 0.29. The PRNG internal state is shared across forked processes when an object is created before forking or when the functional interface is used, causing identical random streams and potentially exposing secrets generated in mul...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/26 8:7 a.m.6 views

CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

5.8AI score0.00309EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.17 views

PT-2026-52681

Name of the Vulnerable Software and Affected Versions Bytes::Random::Secure versions prior to 0.30 Description Internal state for the Pseudo-Random Number Generator PRNG is shared across forked processes when an object is initialized before forking or when the functional interface is used. This...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References11
CVE
CVE
added 2026/05/15 5:41 p.m.15 views

CVE-2026-46474

CVE-2026-46474 affects the Perl module Trog::TOTP prior to version 1.006. The vulnerability arises because secrets are generated with Perl’s built-in rand(), which is predictable and unsuitable for security use. The NVD entry documents the issue and its high impact (Confidentiality: High; Integri...

7.5CVSS5.8AI score0.00316EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/01 12:0 a.m.3 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature while doing key agreement with PSAALGFFDH. An attacker can influence the shared secret to a small, predictable set of values by sending crafted public keys during key exchange. Remediatio...

9.1CVSS5.8AI score0.00204EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/31 10:31 p.m.3 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG seeded with predictable values in the secretkey and hashidsalt. An attacker can gain unauthorized access to any user account, including administrators, by brute-forcing t...

9.8CVSS5.8AI score0.00376EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/31 10:31 p.m.3 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG seeded with predictable values in the secretkey and hashidsalt. An attacker can gain unauthorized access to any user account, including administrators, by brute-forcing t...

9.8CVSS5.8AI score0.00376EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/31 10:31 p.m.2 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG seeded with predictable values in the secretkey and hashidsalt. An attacker can gain unauthorized access to any user account, including administrators, by brute-forcing t...

9.8CVSS5.8AI score0.00376EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/31 10:31 p.m.1 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG seeded with predictable values in the secretkey and hashidsalt. An attacker can gain unauthorized access to any user account, including administrators, by brute-forcing t...

9.8CVSS5.8AI score0.00376EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/31 10:31 p.m.4 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG seeded with predictable values in the secretkey and hashidsalt. An attacker can gain unauthorized access to any user account, including administrators, by brute-forcing t...

9.8CVSS5.8AI score0.00376EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/03 4:8 p.m.13 views

CVE-2024-58134 Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

6.2AI score0.00459EPSS
Exploits1References11
Cvelist
Cvelist
added 2025/05/03 4:8 p.m.17 views

CVE-2024-58134 Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

0.00459EPSS
Exploits1References11
Rows per page
Query Builder