Lucene search
K

79 matches found

QT
QT
added 2024/05/24 12:0 a.m.38 views

Security advisory: OAuth1 in QtNetworkAuth

The OAuth1 implementation in QtNetworkAuth created nonces using a PRNG that was seeded with a predictable seed. This issue has been assigned the CVE id CVE-2024-36048. This means that an attacker that can somehow control the time of the first OAuth1 flow of the process has a high chance of...

9.8CVSS9.5AI score0.0097EPSS
Exploits0
OSV
OSV
added 2024/02/01 10:15 p.m.4 views

CVE-2023-4472

Objectplanet Opinio version 7.22 and prior uses a cryptographically weak pseudo-random number generator PRNG coupled to a predictable seed, which could lead to an unauthenticated account takeover of any user on the application...

9.8CVSS5.8AI score0.00621EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/21 12:0 a.m.22 views

Mitsubishi Electric MELSEC iQ-F, iQ-R Series Predictable Seed in Pseudo-Random Number Generator (CVE-2022-40267)

Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...

9.1CVSS8.2AI score0.01182EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.4 views

SUSE CVE-2008-5659

The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated again...

7.5CVSS6.7AI score0.03346EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.4 views

SUSE CVE-2022-31008

RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...

7.5CVSS6.8AI score0.00307EPSS
Exploits0References5
NVD
NVD
added 2023/01/20 8:15 a.m.43 views

CVE-2022-40267

Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...

9.1CVSS7.6AI score0.01182EPSS
Exploits0References4
OSV
OSV
added 2023/01/20 8:15 a.m.2 views

CVE-2022-40267

Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...

9.1CVSS5.8AI score0.01182EPSS
Exploits0References4
Prion
Prion
added 2023/01/20 8:15 a.m.12 views

Authentication flaw

Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...

6.4CVSS9.3AI score0.01182EPSS
Exploits0References3Affected Software30
Cvelist
Cvelist
added 2023/01/20 7:52 a.m.50 views

CVE-2022-40267 Authentication Bypass Vulnerability in Web Server Function on MELSEC Series

Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...

5.9CVSS9.6AI score0.01182EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/01/20 7:52 a.m.14 views

CVE-2022-40267 Authentication Bypass Vulnerability in Web Server Function on MELSEC Series

Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...

5.9CVSS7.2AI score0.01182EPSS
Exploits0References3
ICS
ICS
added 2023/01/17 12:0 a.m.32 views

Mitsubishi Electric MELSEC iQ-F, iQ-R Series

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F and iQ-R Series products Vulnerability: Predictable Seed in Pseudo-Random Number Generator PRNG 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the...

9.1CVSS7.7AI score0.01182EPSS
Exploits0References6
Prion
Prion
added 2023/01/02 8:15 a.m.17 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, has been found in enigmaX up to 2.2. This issue affects the function getSeed of the file main.c of the component Scrambling Table Handler. The manipulation leads to predictable seed in pseudo-random number generator prng. The attack may be...

5CVSS7.1AI score0.00758EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2023/01/02 7:59 a.m.69 views

CVE-2016-15006

The CVE-2016-15006 vulnerability affects enigmaX up to version 2.2, specifically the getSeed function in Scrambling Table Handler (main.c). The issue causes a predictable PRNG seed, with remote attack potential. Exploitation is described as difficult, but a fix exists in version 2.3, with patch i...

5.3CVSS4.8AI score0.00758EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/10/13 7:15 p.m.26 views

CVE-2022-42159

D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator...

4.3CVSS0.00646EPSS
Exploits1References2
OSV
OSV
added 2022/10/13 7:15 p.m.6 views

CVE-2022-42159

D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator...

4.3CVSS5.8AI score0.00646EPSS
Exploits1References2
Prion
Prion
added 2022/10/13 7:15 p.m.12 views

Code injection

D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator...

4CVSS4.8AI score0.00646EPSS
Exploits1References2Affected Software3
Cvelist
Cvelist
added 2022/10/13 12:0 a.m.22 views

CVE-2022-42159

D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator...

5AI score0.00646EPSS
Exploits1References2
CVE
CVE
added 2022/10/13 12:0 a.m.65 views

CVE-2022-42159

CVE-2022-42159 affects D-Link COVR 1200/1202/1203 v1.08. The issue is a predictable seed in the device’s pseudo-random number generator, as described across multiple sources. Documented impact is limited in the provided materials; exploitation details are not listed. Some connected sources (PT-20...

4.3CVSS4.7AI score0.00646EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/10/06 6:16 p.m.3 views

DEBIAN-CVE-2022-31008

RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...

7.5CVSS7.2AI score0.00307EPSS
Exploits0References1
OSV
OSV
added 2022/04/08 8:15 p.m.3 views

CVE-2022-26852

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise...

9.8CVSS5.8AI score0.01188EPSS
Exploits0References1
Rows per page
Query Builder