968 matches found
[SECURITY] Fedora 32 Update: nethack-3.6.6-1.fc32
NetHack is a single player dungeon exploration game that runs on a wide variety of computer systems, with a variety of graphical and text interfaces all using the same game engine. Unlike many other Dungeons & Dragons-inspired games, the emphasis in NetHack is on discovering the detail of the...
SUSE-SU-2020:0585-1 Security update for cloud-init
This update for cloud-init fixes the following security issues: - CVE-2020-8631: Replaced the theoretically predictable deterministic RNG with the system RNG bsc1162937. - CVE-2020-8632: Increased the default random password length from 9 to 20 bsc1162936...
[SECURITY] Fedora 31 Update: nethack-3.6.5-1.fc31
NetHack is a single player dungeon exploration game that runs on a wide variety of computer systems, with a variety of graphical and text interfaces all using the same game engine. Unlike many other Dungeons & Dragons-inspired games, the emphasis in NetHack is on discovering the detail of the...
[SECURITY] Fedora 30 Update: nethack-3.6.5-1.fc30
NetHack is a single player dungeon exploration game that runs on a wide variety of computer systems, with a variety of graphical and text interfaces all using the same game engine. Unlike many other Dungeons & Dragons-inspired games, the emphasis in NetHack is on discovering the detail of the...
Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2019-2073)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2019-1448)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2020-1063)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-15847
The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...
[SECURITY] Fedora 31 Update: nethack-3.6.4-1.fc31
NetHack is a single player dungeon exploration game that runs on a wide variety of computer systems, with a variety of graphical and text interfaces all using the same game engine. Unlike many other Dungeons & Dragons-inspired games, the emphasis in NetHack is on discovering the detail of the...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM i
Summary OpenSSL is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-1547 DESCRIPTION: Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to constru...
PT-2019-6750 · Openbsd · Openbsd
Name of the Vulnerable Software and Affected Versions: OpenBSD affected versions not specified Description: The issue concerns a problem in the random number generation functionality. Specifically, when the random number generator is seeded with 0, it returns 0. This behavior is observed in the...
EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2019-2431)
According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a...
Insecure Random Number Generator
magento/community-edition uses an insecure random number generator. The application uses a cryptographically insecure PHP rand function to generate a random number for the initialization vector, making it easier for remote attackers to defeat cryptographic protection mechanisms...
Use of Cryptographically Weak Pseudo-Random Number Generator in org.pac4j:pac4j-saml
The SAML identifier generated within SAML2Utils.java was found to make use of the apache commons-lang3 RandomStringUtils class which makes them predictable due to RandomStringUtils PRNG's algorithm not being cryptographically strong. This issue only affects the 3.X release of pac4j-saml...
CVE-2019-8113
Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 uses cryptographically weak random number generator to brute-force the confirmation code for customer registration...
CVE-2019-8113
Summary (CVE-2019-8113): Magento 2.2 versions before 2.2.10 and Magento 2.3 versions before 2.3.3 (or 2.3.2-p1) use a cryptographically weak random number generator to brute‑force the confirmation code during customer registration. This is mitigated by applying the security update referenced (Mag...
CVE-2019-8113
Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 uses cryptographically weak random number generator to brute-force the confirmation code for customer registration...
CVE-2013-4102
Cryptocat before 2.0.22 strophe.js Math.random Random Number Generator Weakness...
Code injection
Cryptocat before 2.0.22 strophe.js Math.random Random Number Generator Weakness...
CVE-2013-4102
Cryptocat before 2.0.22 strophe.js Math.random Random Number Generator Weakness...