326 matches found

CNNVD
added 2022/09/01 12:0 a.m. | 1 views

Samba security feature issue vulnerability

Samba is the standard Windows interoperability program suite for Linux and Unix. Samba suffers from a security vulnerability that stems from the fact that GnuTLS gnutls_rnd() may fail and give predictable random values...

5.5 CVSS | 6.4 AI score | 0.00259 EPSS
Exploits 1 | References 10
CVE
added 2022/09/01 12:0 a.m. | 354 views

CVE-2022-1615

CVE-2022-1615 affects Samba: the GnuTLS function gnutls_rnd() can fail and produce predictable random values, impacting Samba components that rely on that RNG. Public references in the connected docs indicate the issue is fixed in later Samba releases (e.g., Samba 4.17.5 and related advisories) a...

5.5 CVSS | 5.5 AI score | 0.00259 EPSS
Exploits 1 | References 4 | Affected Software 1
Debian CVE
added 2022/09/01 12:0 a.m. | 25 views

CVE-2022-1615

In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values...

5.5 CVSS | 5.8 AI score | 0.00259 EPSS
Exploits 1
AlpineLinux
added 2022/09/01 12:0 a.m. | 32 views

CVE-2022-1615

In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values...

5.5 CVSS | 6.2 AI score | 0.00259 EPSS
Exploits 1
NVD
added 2022/08/10 8:15 p.m. | 32 views

CVE-2022-30629

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption...

3.1 CVSS | 0.00074 EPSS
Exploits 1 | References 5
Prion
added 2022/08/10 8:15 p.m. | 19 views

Session fixation

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption...

2.6 CVSS | 6.9 AI score | 0.00074 EPSS
Exploits 1 | References 5 | Affected Software 1
ATTACKERKB
added 2022/08/10 8:15 p.m. | 2 views

CVE-2022-30629

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption...

3.1 CVSS | 5.8 AI score | 0.00074 EPSS
Exploits 1 | References 8 | Affected Software 1
UbuntuCve
added 2022/08/10 8:15 p.m. | 35 views

CVE-2022-30629

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption...

3.1 CVSS | 6.9 AI score | 0.00074 EPSS
Exploits 1 | References 7
Tenable Nessus
added 2022/07/21 12:0 a.m. | 37 views

Siemens SCALANCE X Switch Devices Use of Insufficiently Random Values (CVE-2022-26647)

A vulnerability has been identified in SCALANCE X200-4P IRT All versions, SCALANCE X200-4P IRT All versions, SCALANCE X201-3P IRT All versions, SCALANCE X201-3P IRT All versions, SCALANCE X201-3P IRT PRO All versions, SCALANCE X201-3P IRT PRO All versions, SCALANCE X202-2IRT All versions, SCALANC...

9.8 CVSS | 7.7 AI score | 0.01464 EPSS
Exploits 0 | References 3
ICS
added 2022/07/12 12:0 a.m. | 33 views

Siemens SCALANCE X Switch Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8 CVSS | 9.2 AI score | 0.0176 EPSS
Exploits 0 | References 12
OSV
added 2022/07/11 8:15 p.m. | 3 views

CVE-2020-35163

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability...

9.8 CVSS | 6.8 AI score | 0.00732 EPSS
Exploits 0 | References 2
NVD
added 2022/07/11 8:15 p.m. | 12 views

CVE-2020-35163

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability...

9.8 CVSS | 0.00732 EPSS
Exploits 0 | References 2
Prion
added 2022/07/11 8:15 p.m. | 15 views

Design/Logic Flaw

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability...

7.5 CVSS | 9.4 AI score | 0.00732 EPSS
Exploits 0 | References 2 | Affected Software 6
Cvelist
added 2022/07/11 7:25 p.m. | 16 views

CVE-2020-35163

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability...

5.3 CVSS | 9.5 AI score | 0.00732 EPSS
Exploits 0 | References 2
OSV
added 2022/07/04 2:15 a.m. | 1 views

CVE-2022-32284

Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of YOKOGAWA Wide Area Communication Router (WAC Router) AW810D, which may allow a remote attacker to cause denial-of-service (DoS) condition by sending a specially crafted packet...

7.5 CVSS | 5.8 AI score | 0.0057 EPSS
Exploits 0 | References 4
Prion
added 2022/07/04 2:15 a.m. | 13 views

Design/Logic Flaw

Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of YOKOGAWA Wide Area Communication Router (WAC Router) AW810D, which may allow a remote attacker to cause denial-of-service (DoS) condition by sending a specially crafted packet...

7.8 CVSS | 7.4 AI score | 0.0057 EPSS
Exploits 0 | References 4 | Affected Software 1
ICS
added 2022/06/30 12:0 a.m. | 54 views

Yokogawa Wide Area Communication Router

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Yokogawa Equipment: Wide Area Communication Router WAC Router Vulnerability: Use of Insufficiently Random Values 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the functions provided by the WAC...

7.8 CVSS | 7.9 AI score | 0.0057 EPSS
Exploits 0 | References 5
RedhatCVE
added 2022/06/21 9:3 p.m. | 41 views

CVE-2022-31034

Several single sign-on (SSO) vulnerabilities were found in ArgoCD when the login process is initiated via CLI or UI interfaces. The vulnerabilities are related to using insufficiently random value parameters during the login process. This flaw gives the attacker elevated privileges, including the...

8.3 CVSS | 5.4 AI score | 0.00418 EPSS
Exploits 0 | References 4
GitLab Advisory Database
added 2022/06/21 12:0 a.m. | 28 views

Insecure entropy in Argo CD's PKCE/Oauth2/OIDC params

All versions of Argo CD starting with v0.11.0 are vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or UI. The vulnerabilities are due to the use of insufficiently random values in parameters in Oauth2/OIDC login flows...

8.3 CVSS | 4.8 AI score | 0.00418 EPSS
Exploits 0 | References 2 | Affected Software 1
OSV
added 2022/06/09 3:15 p.m. | 2 views

CVE-2022-23138

ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values, the security of the device is reduced, and it may face the risk of attack...

7.5 CVSS | 5.8 AI score
Exploits 0 | References 1