Siemens LOGO! CMR and SIMATIC RTU 3000 Use of Insufficiently Random Values (CVE-2021-37186)

A vulnerability has been identified in LOGO! CMR2020 All versions V2.2, LOGO! CMR2040 All versions V2.2, SIMATIC RTU3010C All versions V4.0.9, SIMATIC RTU3030C All versions V4.0.9, SIMATIC RTU3031C All versions V4.0.9, SIMATIC RTU3041C All versions V4.0.9. The underlying TCP/IP stack does not...

Use Of Insufficiently Random Values

Magento LTS is vulnerable to Use of Insufficiently Random Values. The vulnerability is caused by not generating sufficient length protectcode value as part of guest order cookie - guest-view and not implementing a rate limiting in the end point e.g: /magento19/index.php/default/sales/guest/view/...

Oracle Linux 9 : samba (ELSA-2023-2519)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2519 advisory. - resolves: rhbz2154373 - Fix CVE-2022-38023 - Fix CVE-2022-1615 GnuTLS gnutlsrnd can fail and give predictable random values - resolves: rhbz2108332 - Fix...

CVE-2023-39979

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficient random values...

Authentication flaw

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficient random values...

Hitachi Energy AFF66x

1. EXECUTIVE SUMMARY ​CVSS v3 9.6 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Hitachi Energy ​Equipment: AFF66x ​Vulnerabilities: Cross-site Scripting, Use of Insufficiently Random Values, Origin Validation Error, Integer Overflow or Wraparound, Uncontrolled Resource...

CVE-2023-24478

Use of insufficiently random values for some Intel AgilexR software included as part of IntelR QuartusR Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access...

Information disclosure

Use of insufficiently random values for some Intel AgilexR software included as part of IntelR QuartusR Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2023-24478

Use of insufficiently random values for some Intel AgilexR software included as part of IntelR QuartusR Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2023-24478

Use of insufficiently random values for some Intel AgilexR software included as part of IntelR QuartusR Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access...

Siemens SCALANCE X-200RNA Switch Devices Use of Insufficiently Random Values (CVE-2022-46353)

A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. The webserver of affected device...

Design/Logic Flaw

A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation leads to insufficiently random values. Th...

CVE-2023-3803

CVE-2023-3803 affects Chengdu Flash Flood Disaster Monitoring and Warning System 2.0, specifically the File Name Handler component and the /Service/ImageStationDataService.asmx file. The root cause is a flaw that leads to insufficiently random values. Documented attack complexity is high and expl...

CVE-2023-3803 Chengdu Flash Flood Disaster Monitoring and Warning System File Name ImageStationDataService.asmx random values

A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation leads to insufficiently random values. Th...

Chengdu Flash Flood Disaster Monitoring and Warning System 代码问题漏洞

Chengdu Flash Flood Disaster Monitoring and Warning System is a flash flood disaster monitoring and warning system in Chengdu. A vulnerability exists in Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0 due to a code issue with insufficient random values...

Synology Router Manager (SRM) 1.2.x, 1.3.x Use of Insufficiently Random Values Vulnerability (Synology-SA-23:08) - Unreliable Remote Version Check

Synology Router Manager SRM is prone to an use of insufficiently random values vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

Synology Router Manager (SRM) 1.2.x, 1.3.x Use of Insufficiently Random Values Vulnerability (Synology-SA-23:08) - Remote Known Vulnerable Versions Check

Synology Router Manager SRM is prone to an use of insufficiently random values vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

CVE-2023-2729

Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager DSM before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors...

CVE-2023-2729

Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager DSM before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors...

Atlas Copco Power Focus 6000

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Atlas Copco Equipment: Power Focus 6000 Vulnerabilities: Cleartext Storage of Sensitive Information, Small Space of Random Values, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION...