5314 matches found
Revive Adserver: Use of a Broken or Risky Cryptographic Algorithm
revive-adserver utilizes a PRNG for session-token generation, this means that an attacker could theoretically be able to generate session tokens at random and take over accounts at random. This function does not generate cryptographically secure values, and should not be used for cryptographic...
[SECURITY] Fedora 34 Update: rust-unicode-linebreak-0.1.1-2.fc34
Implementation of the Unicode Line Breaking Algorithm...
[SECURITY] Fedora 34 Update: rust-unicode-truncate-0.2.0-2.fc34
Unicode-aware algorithm to pad or truncate str in terms of displayed width...
Fedora: Security Advisory for rust-unicode-linebreak (FEDORA-2021-3cf88e44b4)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for rust-unicode-truncate (FEDORA-2021-3cf88e44b4)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OESA-2021-1309 gradle security update
Gradle is build automation evolved. Gradle can automate the building, testing, publishing, deployment and more of software packages or other types of projects such as generated static websites, generated documentation or indeed anything else. Gradle combines the power and flexibility of Ant with...
Amazon AWS CloudFront 加密问题漏洞
Amazon AWS CloudFront is a content delivery network that provides basic services from Amazon.com, Inc.'s Web Services system. A security vulnerability exists in Amazon AWS CloudFront TLSv1.2 2019, where a related component uses a weak cryptographic algorithm resulting in a security risk...
Insecure Random Number Generation
yiisoft/yii2 is using insecure random number generation. The vulnerability exists because it uses the function mtrand in CaptchaAction.php which is a predictable Random Number algorithm for random bytes and int generation...
Insecure Random Number Generation
yiisoft/yii2 is using insecure random number generation. The vulnerability exists because it uses the function mtrand in BaseMailer.php which is a predictable Random Number algorithm for random bytes and int generation...
CVE-2021-3692
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
CVE-2021-3692
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
Code injection
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
CVE-2021-3692 Use of Predictable Algorithm in Random Number Generator in yiisoft/yii2
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
CVE-2021-3692
CVE-2021-3692 affects yiisoft/yii2 (and related versions) with a vulnerability described as Use of Predictable Algorithm in Random Number Generator. Public sources consistently point to insecure RNG usage, notably the use of mt_rand() in code paths such as CaptchaAction.php, leading to predictabl...
CVE-2021-3689
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
Code injection
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
CVE-2021-3689 Use of Predictable Algorithm in Random Number Generator in yiisoft/yii2
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...
CVE-2021-3689
CVE-2021-3689 affects yiisoft/yii2 and is caused by use of a Predictable Algorithm in the Random Number Generator (RNG). The entry consolidates multiple sources indicating insecure RNG usage (notably mt_rand-based implementation in Yii2 components such as BaseMailer.php) that leads to potential i...
Twitter Algorithmic Bias: Underrepresentation Bias through Twitter's Cropping Algorithm #2: Favoring Animals over Black People
Bounty Hunter Name: CyberQueenMeg About You: Megan, also known as CyberQueenMeg, is a passionate rising cybersecurity professional who is interested in programming, cybersecurity, and web development. Megan is a high school senior in a rigorous computer science program at her high school where sh...
Twitter Algorithmic Bias: Underrepresentation Bias through Twitter's Cropping Algorithm
Bounty Hunter Name: CyberQueenMeg About You: Megan, also known as CyberQueenMeg, is a passionate rising cybersecurity professional who is interested in programming, cybersecurity, and web development. Megan is a high school senior in a rigorous computer science program at her high school where sh...