CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

968 matches found

Github Security Blog•added 2022/12/06 9:13 p.m.•45 views

Passeo uses insecure random number generator

Impact Everyone below v1.0.5 is impacted by this flaw, of confidentiality being at risk due to the passwords being easily able to be guessed with Passeo's use of the random library. It is recommended to change any passwords made with Passeo before v1.0.5 and upgrade to v1.0.5, and v1.0.5 patches...

7.5CVSS7.3AI score0.00791EPSS

Exploits0References6Affected Software1

OSV•added 2022/12/06 9:13 p.m.•31 views

GHSA-MHHF-VGWH-FW9H Passeo uses insecure random number generator

8.2CVSS6.4AI score0.00791EPSS

Exploits0References6

Cvelist•added 2022/12/06 5:18 p.m.•55 views

CVE-2022-23472 Use of insecure random number generator in Passeo

Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python random library for random value selection. The python random library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator...

5.9CVSS7.7AI score0.00791EPSS

Exploits0References3

Veracode•added 2022/11/17 5:14 a.m.•19 views

Insecure Random Number Generator

phpservermon/phpservermon uses an insecure random number generator. The vulnerability exists in the generatePasswordResetToken function of User.php because of the insecure mtrand random number generator function which allows an attacker to guess the reset password hashes...

5.3CVSS2.1AI score0.00803EPSS

Exploits1References4Affected Software1

Veracode•added 2022/11/17 2:40 a.m.•20 views

Insecure Random Number Generator

phpservermon/phpservermon uses an insecure random number generator. The vulnerability exists because of the insecure mtrand random number generator function in the loginWithCookieData function of User.php, allowing an attacker to guess the strings it generates...

5.3CVSS3.1AI score0.00769EPSS

Exploits1References4Affected Software1

Github Security Blog•added 2022/11/16 12:0 p.m.•17 views

PHPServerMon PRNG has Insufficient Entropy

A vulnerability, which was classified as problematic, was found in phpservermon. Affected is the function setUserLoggedIn of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the public and may b...

5.3CVSS7.1AI score0.00769EPSS

Exploits1References5Affected Software1

OSV•added 2022/11/16 12:0 p.m.•15 views

GHSA-HC4J-7MQG-CXJJ PHPServerMon PRNG has Insufficient Entropy

5.3CVSS4.5AI score0.00769EPSS

Exploits1References5

OSV•added 2022/11/16 12:0 p.m.•9 views

GHSA-97W9-GCC7-VR8G Insufficient Entropy in PHPServerMon PRNG

A vulnerability, which was classified as problematic, was found in phpservermon. This affects the function generatePasswordResetToken of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the publ...

5.3CVSS4.5AI score0.00803EPSS

Exploits1References5

OSV•added 2022/11/15 11:15 p.m.•12 views

CVE-2021-4241

5.3CVSS5.4AI score

Exploits0References3

NVD•added 2022/11/15 11:15 p.m.•11 views

CVE-2021-4240

5.3CVSS0.00803EPSS

Exploits1References3

OSV•added 2022/11/15 11:15 p.m.•9 views

CVE-2021-4240

5.3CVSS5.4AI score

Exploits0References3

Prion•added 2022/11/15 11:15 p.m.•13 views

Design/Logic Flaw

5CVSS5.3AI score0.00769EPSS

Exploits1References3

Vulnrichment•added 2022/11/15 12:0 a.m.•5 views

CVE-2021-4241 phpservermon User.php setUserLoggedIn predictable algorithm in random number generator

2.6CVSS5.7AI score0.00769EPSS

Exploits1References3

Vulnrichment•added 2022/11/15 12:0 a.m.•4 views

CVE-2021-4240 phpservermon User.php generatePasswordResetToken predictable algorithm in random number generator

2.6CVSS4.2AI score0.00803EPSS

Exploits1References3

Cvelist•added 2022/11/15 12:0 a.m.•24 views

CVE-2021-4241 phpservermon User.php setUserLoggedIn predictable algorithm in random number generator

2.6CVSS5.6AI score0.00769EPSS

Exploits1References3

CVE•added 2022/11/15 12:0 a.m.•83 views

CVE-2021-4240

Summary: CVE-2021-4240 affects phpservermon, specifically the function generatePasswordResetToken in src/psm/Service/User.php. The root cause is use of a predictable algorithm in the random number generator, leading to possible guessing of reset tokens. The vulnerability has public exploit inform...

5.3CVSS4.5AI score0.00803EPSS

Exploits1References3Affected Software1

CVE•added 2022/11/15 12:0 a.m.•63 views

CVE-2021-4241

The CVE-2021-4241 issue affects phpservermon, specifically the function setUserLoggedIn in src/psm/Service/User.php. The root cause is use of a predictable random-number generator, enabling potential guessing of generated strings. Public exploit details exist, and a patch is identified as bb10a5f...

5.3CVSS4.6AI score0.00769EPSS

Exploits1References3Affected Software1

Prion•added 2022/10/13 7:15 p.m.•9 views

Code injection

D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator...

4CVSS4.8AI score0.00646EPSS

Exploits1References2Affected Software3

CNVD•added 2022/10/13 12:0 a.m.•22 views

SAP Customer Data Cloud Security Feature Issue Vulnerability

SAP Customer Data Cloud is a tool from SAP Germany that provides digital customer identity and access management. It enables companies to collect, aggregate and manage customer data across multiple touch points and applications. A security feature issue vulnerability exists in SAP Customer Data...

5.2CVSS5AI score0.00386EPSS

Exploits0References1

Vulnrichment•added 2022/10/13 12:0 a.m.•3 views

CVE-2022-42159

D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator...

4.7AI score0.00646EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by