
247 matches found

Prion
added 2012/09/09 9:55 p.m. | 16 views

Design/Logic Flaw

MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users...

CVSS: 5 | AI score: 7.4 | EPSS: 0.01593
Exploits: 0 | References: 8 | Affected Software: 1

CVE
added 2012/09/09 9:0 p.m. | 62 views

CVE-2012-1581

CVE-2012-1581 affects MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2. The root cause is the use of weak random numbers for password reset tokens, which can enable remote attackers to change arbitrary user passwords. The context across connected sources reiterates the same affected versio...

CVSS: 5 | AI score: 6.9 | EPSS: 0.01593
Exploits: 0 | References: 8 | Affected Software: 1

Debian CVE
added 2012/09/09 9:0 p.m. | 23 views

CVE-2012-1581

MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users...

CVSS: 5 | AI score: 6.7 | EPSS: 0.01593
Exploits: 0

NVD
added 2012/08/20 6:55 p.m. | 19 views

CVE-2012-2387

devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack...

CVSS: 5 | AI score: 6.5 | EPSS: 0.01391
Exploits: 0 | References: 3

UbuntuCve
added 2012/08/20 6:55 p.m. | 32 views

CVE-2012-2387

devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack...

CVSS: 5 | AI score: 5.9 | EPSS: 0.01391
Exploits: 0 | References: 2

Prion
added 2012/08/20 6:55 p.m. | 20 views

Code injection

devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack...

CVSS: 5 | AI score: 7 | EPSS: 0.01391
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2012/08/20 6:0 p.m. | 26 views

CVE-2012-2387

devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack...

AI score: 6.5 | EPSS: 0.01391
Exploits: 0 | References: 3

NVD
added 2011/11/23 6:55 p.m. | 19 views

CVE-2011-4321

The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors...

CVSS: 5 | AI score: 7 | EPSS: 0.01022
Exploits: 0 | References: 2

Prion
added 2011/11/23 6:55 p.m. | 12 views

Design/Logic Flaw

The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors...

CVSS: 5 | AI score: 7.5 | EPSS: 0.01022
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2011/11/23 6:0 p.m. | 19 views

CVE-2011-4321

The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors...

AI score: 7 | EPSS: 0.01022
Exploits: 0 | References: 2

CVE
added 2011/11/23 6:0 p.m. | 53 views

CVE-2011-4321

The CVE-2011-4321 issue affects Joomla! 1.5.x through 1.5.24, where the password reset function uses weak random numbers. This weakness can allow remote attackers to change the passwords of arbitrary users via unspecified vectors. The provided sources confirm the affected product range and the ro...

CVSS: 5 | AI score: 7.1 | EPSS: 0.01022
Exploits: 0 | References: 2 | Affected Software: 1

OpenVAS
added 2011/08/29 12:0 a.m. | 29 views

Ruby Random Number Generation Local Denial Of Service Vulnerability

This host is installed with Ruby and is prone to local denial of service vulnerability. OpenVAS Vulnerability Test $Id: secpodrubyrandomnumbergenerationdosvuln.nasl 8196 2017-12-20 12:13:37Z cfischer $ Ruby Random Number Generation Local Denial Of Service Vulnerability Authors: Sooraj KS Copyrigh...

CVSS: 5 | AI score: 6.1 | EPSS: 0.02582
Exploits: 1 | References: 3

UbuntuCve
added 2011/08/05 10:55 p.m. | 33 views

CVE-2011-3009

Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900...

CVSS: 5 | AI score: 5.9 | EPSS: 0.02088
Exploits: 0 | References: 1

CVE
added 2011/08/05 9:0 p.m. | 72 views

CVE-2011-2686

CVE-2011-2686 affects Ruby (MRI) older than 1.8.7-p352; it arises from a regression in 1.8.6 where the random seed is not reset on fork, allowing context-dependent attackers to predict random numbers from a child process. The issue is fixed in Ruby 1.8.7-p352 and later. No exploitation details ar...

CVSS: 5 | AI score: 6.2 | EPSS: 0.02582
Exploits: 1 | References: 13 | Affected Software: 1

UbuntuCve
added 2010/11/22 1:0 p.m. | 22 views

CVE-2010-3804

The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a...

CVSS: 5 | AI score: 5.9 | EPSS: 0.09126
Exploits: 0 | References: 1

Cvelist
added 2010/11/20 9:0 p.m. | 63 views

CVE-2010-3804

The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a...

AI score: 8.9 | EPSS: 0.09126
Exploits: 0 | References: 11

Tenable Nessus
added 2010/10/11 12:0 a.m. | 40 views

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6637)

This update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel. The following security issues were fixed: CVE-2009-3238: The get_random_int function in drivers/char/random.c in the Linux kernel produces insufficiently random numbers, which allows attackers to...

CVSS: 7.8 | AI score: 5.6 | EPSS: 0.01632
Exploits: 4 | References: 6

securityvulns
added 2010/04/14 12:0 a.m. | 38 views

Advisory 02/2010: MyBB Password Reset Weak Random Numbers Vulnerability

SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: MyBB Password Reset Weak Random Numbers Vulnerability Release Date: 2010/04/13 Last Modified: 2010/04/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: MyBB = 1.4.11 Severity: Usage of weak random number...

Exploits: 0

UbuntuCve
added 2009/09/18 10:30 a.m. | 36 views

CVE-2009-3238

The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to...

CVSS: 7.8 | AI score: 6.1 | EPSS: 0.01632
Exploits: 2 | References: 3

Cvelist
added 2009/09/18 10:0 a.m. | 24 views

CVE-2009-3238

The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to...

AI score: 5.7 | EPSS: 0.01632
Exploits: 2 | References: 13