247 matches found

OSV
added 2019/03/21 4:1 p.m. | 1 views

UBUNTU-CVE-2019-9898

Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71...

9.8 CVSS | 7.3 AI score | 0.03937 EPSS
Exploits: 0 | References: 3

Cvelist
added 2019/03/21 2:31 a.m. | 26 views

CVE-2019-9898

Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71...

8.6 AI score | 0.03937 EPSS
Exploits: 0 | References: 11

CVE
added 2019/03/21 2:31 a.m. | 196 views

CVE-2019-9898

PuTTY before 0.71 is affected by CVE-2019-9898 (potential recycling of random numbers in cryptography). Debian/OpenSUSE/Fedora advisories show an upstream 0.71 release fixed CVE-2019-9898 among others; remediation is upgrading PuTTY to 0.71 or newer. Impact includes cryptographic randomness reuse...

9.8 CVSS | 8.4 AI score | 0.03937 EPSS
Exploits: 0 | References: 11 | Affected Software: 1

Debian CVE
added 2019/03/21 2:31 a.m. | 32 views

CVE-2019-9898

Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71...

9.8 CVSS | 9.5 AI score | 0.03937 EPSS
Exploits: 0

AlpineLinux
added 2019/03/21 2:31 a.m. | 32 views

CVE-2019-9898

Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71...

9.8 CVSS | 8.7 AI score | 0.03937 EPSS
Exploits: 0

The Hacker News
added 2019/03/20 9:35 a.m. | 123 views

PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws

The popular SSH client program PuTTY has released the latest version of its software that includes security patches for 8 high-severity security vulnerabilities. PuTTY is one of the most popular and widely used open-source client-side programs that allows users to remotely access computers over...

8.8 AI score
Exploits: 0

Tenable Nessus
added 2019/03/18 12:0 a.m. | 11 views

FreeBSD : PuTTY -- security fixes in new release (46e1ece5-48bd-11e9-9c40-080027ac955c)

The PuTTY team reports: New in 0.71: Security fixes found by an EU-funded bug bounty programme: a remotely triggerable memory overwrite in RSA key exchange, which can occur before host key verification; potential recycling of random numbers used in cryptography; on Unix, remotely...

5.9 AI score
Exploits: 0 | References: 2

Fedora
added 2018/09/21 5:38 a.m. | 18 views

[SECURITY] Fedora 29 Update: python-pycryptodomex-3.6.6-1.fc29

PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It's a fork of PyCrypto. It brings several enhancements with respect to the last official version of PyCrypto 2.6.1, for instance: Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB); Accelerated AES on Intel...

7.5 CVSS | 0.9 AI score | 0.0174 EPSS
Exploits: 1

Fedora
added 2018/09/07 4:17 p.m. | 28 views

[SECURITY] Fedora 28 Update: python-pycryptodomex-3.6.6-1.fc28

PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It's a fork of PyCrypto. It brings several enhancements with respect to the last official version of PyCrypto 2.6.1, for instance: Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB); Accelerated AES on Intel...

7.5 CVSS | 0.9 AI score | 0.0174 EPSS
Exploits: 1

Cvelist
added 2018/08/03 6:0 p.m. | 15 views

CVE-2018-14715

The endCoinFlip function and throwSlammer function of the smart contract implementations for Cryptogs, an Ethereum game, generate random numbers with an old block's hash. Therefore, attackers can predict the random number and always win the game...

7.6 AI score | 0.01253 EPSS
Exploits: 0 | References: 1

Veracode
added 2017/11/06 6:10 a.m. | 11 views

Insecure Cryptography

crypto-browserify generates cryptographically insecure random numbers. The library uses the native JavaScript Math.random to generate random numbers, which has been proven to be not secure...

6.7 AI score
Exploits: 0

Prion
added 2017/10/26 9:29 p.m. | 17 views

Design/Logic Flaw

IBM Tivoli Endpoint Manager IBM BigFix Platform 9.2 and 9.5 uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. This weakness may allow attackers to expose sensitive information by guessing tokens or identifiers. IBM X-Force ID: 123909...

5 CVSS | 4.9 AI score | 0.01286 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

NVD
added 2017/10/26 9:29 p.m. | 16 views

CVE-2017-1230

IBM Tivoli Endpoint Manager IBM BigFix Platform 9.2 and 9.5 uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. This weakness may allow attackers to expose sensitive information by guessing tokens or identifiers. IBM X-Force ID: 123909...

5.3 CVSS | 5 AI score | 0.01286 EPSS
Exploits: 0 | References: 3

Cvelist
added 2017/10/23 6:0 p.m. | 14 views

CVE-2011-2683

reseed seeds random numbers from an insecure HTTP request to random.org during installation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a man-in-the-middle attack...

5.6 AI score | 0.01332 EPSS
Exploits: 0 | References: 3

CVE
added 2017/10/23 6:0 p.m. | 46 views

CVE-2011-2683

The CVE-2011-2683 entry describes reseeding the random number generator from an insecure HTTP request to random.org during installation, enabling a man-in-the-middle attack to compromise cryptographic protections. The connected documents confirm the basic flaw and its impact but do not provide sp...

5.9 CVSS | 5.6 AI score | 0.01332 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2017/06/30 3:29 a.m. | 2 views

CVE-2017-7901

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

8.6 CVSS | 5.8 AI score | 0.0662 EPSS
Exploits: 0 | References: 2

CNVD
added 2017/06/05 12:0 a.m. | 2 views

Multiple Rockwell Automation products have unspecified leaks (CNVD-2017-08714)

Rockwell Automation Allen-Bradley MicroLogix 1100 1763-L16AWA Series A and others are programmable logic controller (PLC) products from Rockwell Automation. A security vulnerability exists in a number of Rockwell Automation products where the vulnerable program fails to generate sufficient random...

9 CVSS | 6.7 AI score | 0.0662 EPSS
Exploits: 0 | References: 1

Veracode
added 2017/03/23 4:3 a.m. | 9 views

Insecure Random Number Generation

jsencrypt is vulnerable to insecure random number generation. It is insecure because it generates predictable random numbers using Math.random rather than using a cryptographically secure random number generation...

6.6 AI score
Exploits: 0

OSV
added 2017/01/15 2:59 a.m. | 0 views

UBUNTU-CVE-2017-5493

wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup...

7.5 CVSS | 7 AI score | 0.02886 EPSS
Exploits: 0 | References: 8

Veracode
added 2016/12/14 7:24 a.m. | 8 views

Insecure Random Number Generator

django-simple-sso is vulnerable to brute force attacks due to its insecure random number generator. The random number generator generates pseudo-random numbers rather than a cryptographically secure random number...

6.6 AI score
Exploits: 0