Lucene search
K

972 matches found

OSV
OSV
added 2025/11/12 10:15 p.m.7 views

PYSEC-2025-112

DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...

6.5CVSS5.8AI score0.00101EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/11/12 9:32 p.m.4 views

CVE-2025-64429

DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...

6.9CVSS5.9AI score0.00101EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/11/12 9:32 p.m.3 views

CVE-2025-64429 DuckDB Encryption Crypto implementation is vulnerable

DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...

6.9CVSS7.1AI score0.00101EPSS
Exploits0References4
OSV
OSV
added 2025/11/12 11:15 a.m.5 views

UBUNTU-CVE-2025-40127

In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in kssarnginit Fix division by zero in kssarnginit caused by missing clock pointer initialization. The clkgetrate call is performed on an uninitialized clk pointer, resulting in division by zer...

5.8AI score0.00183EPSS
Exploits0References39
Positive Technologies
Positive Technologies
added 2025/11/12 12:0 a.m.4 views

PT-2025-46602

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the hardware random number generator hwrng and the ks-sa driver. A division by zero error occurs in the ks sa rng init function due to an...

5.2CVSS7.3AI score0.00183EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-40127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwrng: ks-sa - fix division by zero in kssarnginit Fix division by zero in kssarnginit caused by missing clock pointer initialization. The clkgetrate call is...

6.3AI score0.00183EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/10 9:56 a.m.9 views

CVE-2025-40109

In the Linux kernel, the following vulnerability has been resolved: crypto: rng - Ensure setent is always present Ensure that setent is always set since only drbg provides it...

5.5CVSS5.9AI score0.00186EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/11/10 9:3 a.m.3 views

crypto: rng - Ensure set_ent is always present

...

4.2CVSS6.7AI score0.00186EPSS
Exploits0
EUVD
EUVD
added 2025/11/09 6:30 a.m.5 views

EUVD-2025-38441

In the Linux kernel, the following vulnerability has been resolved: crypto: rng - Ensure setent is always present Ensure that setent is always set since only drbg provides it...

6AI score0.00186EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990099)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990099 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORDSZ The commit referenced in...

5.5CVSS5.6AI score0.00226EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.4 views

Astra Linux – Vulnerability in pgagent

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator was used when generating the directory name, which allowed a local attacker to pre-create the directory...

7.1CVSS6AI score0.00171EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/10/25 8:1 a.m.3 views

Cache poisoning due to weak PRNG

...

8.6CVSS7AI score0.00454EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.4 views

Fedora 44 : bind / bind-dyndb-ldap (2025-5a73e9e251)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-5a73e9e251 advisory. Update to 9.18.41 rhbz2405786 Security fixes: - DNSSEC validation fails if matching but invalid DNSKEY is found. CVE-2025-8677 - Address various...

8.6CVSS6.5AI score0.1096EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2025/10/22 11:24 p.m.5 views

SUSE CVE-2025-40780

In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.1...

8.6CVSS6.8AI score0.00454EPSS
Exploits0References16
OSV
OSV
added 2025/10/22 7:41 p.m.5 views

GHSA-GR7H-XW4F-WH86 Sakai kernel-impl: predictable PRNG used to generate server‑side encryption key in EncryptionUtilityServiceImpl

Impact EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password serverSecretKey using RandomStringUtils with the default java.util.Random. java.util.Random is a non‑cryptographic PRNG and can be predicted from limited state/seed information e.g., start time window, substantially...

5.9CVSS6.8AI score0.00182EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/22 6:30 p.m.5 views

EUVD-2025-35609

In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.1...

8.6CVSS6.2AI score0.00454EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-12912

Malware in sbrugna...

7.5CVSS6.2AI score0.00294EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-9971

Malware in sbrugna...

7.5CVSS7.6AI score0.01499EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0643

Malware in sbrugna...

9.1CVSS9.2AI score0.01186EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-3398

Malware in sbrugna...

5.8CVSS6.1AI score0.01406EPSS
Exploits1References4
Rows per page
Query Builder