1574 matches found
WordPress plugin Clearfy Cache 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
WordPress plugin Booking Calendar 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2019-7860
A cryptographically weak pseudo-rando number generator is used in multiple security relevant contexts in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2...
WordPress plugin WP Status Notifier 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
WordPress plugin SVG Map Plugin 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...
WordPress plugin Latest Tabs 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
WordPress plugin AMP for WP – Accelerated Mobile Pages 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...
WordPress plugin Sticky Action Buttons 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...
WordPress plugin NS IE Compatibility Fixer 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...
SUSE CVE-2025-69217
coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...
CVE-2025-69217
coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...
EUVD-2025-205680
coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...
CVE-2025-69217
CVE-2025-69217 pertains to coturn (TURN/STUN server). Affected releases: 4.6.2r5–4.7.0-r4 have a weak RNG for nonces and port randomization due to a refactor, using libc random() instead of OpenSSL RAND_bytes (non-Windows). Attacking with ~50 consecutive unauthenticated nonce requests can reconst...
CVE-2025-69217
coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...
Coturn 安全特征问题漏洞
Coturn is an open source implementation of TURN VoIP Media Services NAT Traversal Server and Gateway and STUN Simple Traversal of Network Address Translator for User Datagram Protocol Server by Coturn Open Source. A security feature issue vulnerability exists in Coturn versions 4.6.2r5 through...
UBUNTU-CVE-2023-54073
In the Linux kernel, the following vulnerability has been resolved: tpm: Add !tpmamdisrngdefective to the hwrngunregister call site The following crash was reported: 1950.279393 listdel corruption, ffff99560d485790-next is NULL 1950.279400 ------------ cut here ------------ 1950.279401 kernel BUG...
CVE-2023-54073
The CVE-2023-54073 issue is a Linux kernel vulnerability fixed by adding the invariant !tpm_amd_is_rng_defective() at the hwrng_unregister() call site inside tpm_chip_unregister(). The description and connected sources show a crash scenario linked to hwrng_unregister() being called during tpm_chi...
CVE-2023-53998
In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on dataavail and actual data The virtio rng device kicks off a new entropy request whenever the data available reaches zero. When a new request occurs at the end of a read operation, that is, when the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the hardware random number generator logging out without checking that the AMD RNG is OK, which could lead t...
CVE-2025-26379
Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets...