247 matches found
Unspecified vulnerability in miekg Go DNS package
miekg Go DNS package is a DNS server software package. A security vulnerability exists in miekg Go DNS package versions prior to 1.1.25 used in CoreDNS versions prior to 1.6.6 and other products, which stems from the program not properly generating random numbers. An attacker can exploit the...
CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
CVE-2015-9435
The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers...
Design/Logic Flaw
The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers...
CVE-2015-9435
The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers...
PT-2019-12525 · Matrix +2 · Matrix Sydent +3
Name of the Vulnerable Software and Affected Versions: Matrix Sydent versions prior to 1.0.3 Synapse versions prior to 0.99.3.1 Description: An issue was discovered that makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID due to mishandled random number...
Updated putty/filezilla/wxgtk packages fix security vulnerability
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification CVE-2019-9894. In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding CVE-2019-9895. Multiple...
Debian DLA-1763-1 : putty security update
Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could potentially be re-used. For Debian 8 'Jessie', these problems have been fixed in version...
Debian: Security Advisory (DLA-1763-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1763-1] putty security update
Package : putty Version : 0.63-10+deb8u2 CVE ID : CVE-2019-9894 CVE-2019-9897 CVE-2019-9898 Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could...
USN-3944-1: wpa_supplicant and hostapd vulnerabilities
It was discovered that wpasupplicant and hostapd were vulnerable to a side channel attack against EAP-pwd. A remote attacker could possibly use this issue to recover certain passwords. CVE-2019-9495 Mathy Vanhoef discovered that wpasupplicant and hostapd incorrectly validated received scalar and...
Debian: Security Advisory (DSA-4423-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4423-1 : putty - security update
Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could potentially be re-used. C Tenable Network Security, Inc. The descriptive text and package chec...
[SECURITY] [DSA 4423-1] putty security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4423-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 03, 2019 https://www.debian.org/security/faq -...
CVE-2019-9898
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71...
ALPINE-CVE-2019-9898
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71...
DEBIAN-CVE-2019-9898
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71...
CVE-2019-9898
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71...