
84 matches found

Prion
added 2020/02/11 8:15 p.m., 14 views

Design/Logic Flaw

The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output...

CVSS 2.1 | AI score 6.9 | EPSS 0.00306
Exploits 1 | References 3 | Affected Software 1
Cvelist
added 2020/02/11 7:19 p.m., 22 views

CVE-2013-2213

The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output...

AI score 5.8 | EPSS 0.00306
Exploits 1 | References 3
Debian CVE
added 2020/02/11 7:19 p.m., 20 views

CVE-2013-2213

The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output...

CVSS 5.5 | AI score 6.6 | EPSS 0.00306
Exploits 1
OSV
added 2019/12/10 7:15 p.m., 11 views

CVE-2012-1577

lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0...

CVSS 9.8 | AI score 6.8 | EPSS 0.0155
Exploits 0 | References 5
Cvelist
added 2019/11/04 4:15 p.m., 18 views

CVE-2013-2260

Cryptocat before 2.0.22: Cryptocat.random Function Array Key has Entropy Weakness...

AI score 9.6 | EPSS 0.02162
Exploits 0 | References 4
Tenable Nessus
added 2019/05/02 12:0 a.m., 13 views

Fedora 30 : php-twig (2019-874015ee38)

Version 1.38.2 2019-03-12 - added TemplateWrapper::getTemplateName ---- Version 1.38.1 2019-03-12 - fixed class aliases ---- Version 1.38.0 2019-03-12 - fixed sandbox security issue under some circumstances, calling the __toString method on an object was possible even if not allowed by the security...

AI score 5.7
Exploits 0 | References 1
Tenable Nessus
added 2019/03/25 12:0 a.m., 12 views

Fedora 29 : php-twig (2019-c8712a42dc)

Version 1.38.2 2019-03-12 - added TemplateWrapper::getTemplateName ---- Version 1.38.1 2019-03-12 - fixed class aliases ---- Version 1.38.0 2019-03-12 - fixed sandbox security issue under some circumstances, calling the __toString method on an object was possible even if not allowed by the security...

AI score 5.7
Exploits 0 | References 1
Tenable Nessus
added 2019/03/25 12:0 a.m., 13 views

Fedora 29 : php-twig2 (2019-a9a37fed18)

Version 2.7.2 2019-03-12 - added TemplateWrapper::getTemplateName ---- Version 2.7.1 2019-03-12 - fixed class aliases ---- Version 2.7.0 2019-03-12 - fixed sandbox security issue under some circumstances, calling the __toString method on an object was possible even if not allowed by the security...

AI score 5.7
Exploits 0 | References 1
OSV
added 2019/03/23 7:29 p.m., 4 views

DEBIAN-CVE-2016-10743

hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random function call...

CVSS 7.5 | AI score 7 | EPSS 0.02352
Exploits 0 | References 1
OSV
added 2018/10/18 9:29 p.m., 3 views

CVE-2018-18487

In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand unsafely, resulting in predictable database backup file locations...

CVSS 7.5 | AI score 5.8 | EPSS 0.01208
Exploits 1 | References 1
Prion
added 2018/09/24 10:29 p.m., 27 views

Design/Logic Flaw

The random function of the smart contract implementation for CryptoSaga, an Ethereum game, generates a random value with publicly readable variables such as timestamp, the current block's blockhash, and a private variable which can be read with a getStorageAt call. Therefore, attackers can...

CVSS 5 | AI score 7.5 | EPSS 0.01253
Exploits 0 | References 1
NVD
added 2018/09/24 10:29 p.m., 15 views

CVE-2018-12975

The random function of the smart contract implementation for CryptoSaga, an Ethereum game, generates a random value with publicly readable variables such as timestamp, the current block's blockhash, and a private variable which can be read with a getStorageAt call. Therefore, attackers can...

CVSS 7.5 | AI score 7.5 | EPSS 0.01253
Exploits 0 | References 1
CNVD
added 2017/05/03 12:0 a.m., 1 views

SQL Injection Vulnerability in phpcms 'random' Function

phpcms is a website management software. A SQL injection vulnerability exists in phpcms. Due to lax encryption control of the random function, the value of authkey can be obtained, leading to SQL injection and allowing attackers to exploit the vulnerability to obtain sensitive database informatio...

AI score 7.9
Exploits 0
UbuntuCve
added 2017/04/05 9:59 p.m., 27 views

CVE-2015-9019

In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs...

CVSS 5.3 | AI score 6.4 | EPSS 0.02393
Exploits 0 | References 1
Prion
added 2017/04/05 9:59 p.m., 28 views

Code injection

In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs...

CVSS 5 | AI score 6.7 | EPSS 0.02393
Exploits 0 | References 2 | Affected Software 1
OSV
added 2017/04/05 9:59 p.m., 5 views

UBUNTU-CVE-2015-9019

In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs...

CVSS 5.3 | AI score 6.4 | EPSS 0.02393
Exploits 0 | References 2
Cvelist
added 2017/04/05 9:0 p.m., 27 views

CVE-2015-9019

In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs...

AI score 6.5 | EPSS 0.02393
Exploits 0 | References 2
OSV
added 2017/03/01 8:59 p.m., 2 views

CVE-2016-6485

The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by guessing the value...

CVSS 7.5 | AI score 5.8 | EPSS 0.00846
Exploits 0 | References 3
curl security advisories
added 2016/12/23 8:0 a.m., 4 views

uninitialized random

libcurl's new internal function that returns a good 32-bit random value was implemented poorly and overwrote the pointer instead of writing the value into the buffer the pointer pointed to. This random value is used to generate nonces for Digest and NTLM authentication, for generating boundary...

CVSS 8.1 | AI score 7.1 | EPSS 0.02674
Exploits 0 | Affected Software 2
OSV
added 2016/02/20 1:59 a.m., 6 views

CVE-2016-1927

The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach...

CVSS 7.5 | AI score 7.3
Exploits 0 | References 8