Linux Distros Unpatched Vulnerability : CVE-2016-6313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier...

Linux Distros Unpatched Vulnerability : CVE-2008-5913

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a rand...

SUSE CVE-2022-49177

In the Linux kernel, the following vulnerability has been resolved: hwrng: cavium - fix NULL but dereferenced coccicheck error Fix following coccicheck warning: ./drivers/char/hwrandom/cavium-rng-vf.c:182:17-20: ERROR: pdev is NULL but dereferenced...

CVE-2022-49177

In the Linux kernel, the following vulnerability has been resolved: hwrng: cavium - fix NULL but dereferenced coccicheck error Fix following coccicheck warning: ./drivers/char/hwrandom/cavium-rng-vf.c:182:17-20: ERROR: pdev is NULL but dereferenced...

SUSE SLES15 Security Update : ovmf (SUSE-SU-2025:0503-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0503-1 advisory. - CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32 overflow in S3 ResumeCount. bsc1225889 - CVE-2023-45229:...

Vulnerabilities fixed in SonicWall SonicOS

Sonicwall has fixed vulnerabilities in SonicOS for Gen6 and Gen7 firewalls. The first vulnerability concerns a weak pseudo-random number generator in the SSLVPN CVE-2024-40762, allowing attackers to predict authentication tokens in some cases. CVE-2024-53704 concerns improper authentication in th...

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 CVE-2023-45231: out-of-bounds...

CVE-2022-39218

The JS Compute Runtime for Fastly's Compute@Edge platform provides the environment JavaScript is executed in when using the Compute@Edge JavaScript SDK. In versions prior to 0.5.3, the Math.random and crypto.getRandomValues methods fail to use sufficiently random values. The initial value to seed...

CVE-2025-24783 Apache Cocoon: continuations may not be private

UNSUPPORTED WHEN ASSIGNED Incorrect Usage of Seeds in Pseudo-Random Number Generator PRNG vulnerability in Apache Cocoon. This issue affects Apache Cocoon: all versions. When a continuation is created, it gets a random identifier. Because the random number generator used to generate these...

CVE-2025-24783

Apache Cocoon is affected by an Incorrect Usage of Seeds in the PRNG for continuation identifiers. The PRNG is seeded with startup time, making continuation IDs potentially predictable and enabling access to unauthorized continuations. The issue is stated to affect all versions of Apache Cocoon, ...

CVE-2025-24783 Apache Cocoon: continuations may not be private

UNSUPPORTED WHEN ASSIGNED Incorrect Usage of Seeds in Pseudo-Random Number Generator PRNG vulnerability in Apache Cocoon. This issue affects Apache Cocoon: all versions. When a continuation is created, it gets a random identifier. Because the random number generator used to generate these...

CVE-2024-40762

Use of Cryptographically Weak Pseudo-Random Number Generator PRNG in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass...

CVE-2024-40762

Use of Cryptographically Weak Pseudo-Random Number Generator PRNG in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass...

DEBIAN-CVE-2025-0218

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-creat...

CVE-2025-0218

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-creat...

UBUNTU-CVE-2025-0218

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-creat...

CVE-2025-0218 pgAgent scheduled batch job scripts are created in a predictable temporary directory potentially allowing a denial of service

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-creat...

pgAgent 安全漏洞

pgAgent is an open source job scheduler for PostgreSQL from the pgAdmin Project. A security vulnerability exists in pgAgent versions prior to 4.2.3 that stems from insufficient initialization of the random number generator used to generate directory names, which allows a local attacker to...

CVE-2002-20002

The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand, which is not a strong random number generator, for cryptographic keys...

MetaCPAN Net::EasyTCP 安全漏洞

MetaCPAN Net::EasyTCP is a module of the MetaCPAN Foundation. It is used to create secure, bandwidth-friendly TCP/IP clients and servers. A security vulnerability exists in MetaCPAN Net::EasyTCP versions prior to 0.15, which stems from the use of Perl's built-in rand function to generate...