Lucene search
K

258 matches found

UbuntuCve
UbuntuCve
added 2025/12/30 1:15 a.m.5 views

CVE-2025-69217

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS5.9AI score0.00363EPSS
Exploits0References4
OSV
OSV
added 2025/12/30 1:15 a.m.12 views

UBUNTU-CVE-2025-69217

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS5.8AI score0.00363EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2025/12/30 12:41 a.m.4 views

CVE-2025-69217

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS7AI score0.00363EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/30 12:41 a.m.4 views

CVE-2025-69217 Coturn has unsafe nonce and relay port randomization due to weak random number generation.

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS6.6AI score0.00363EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/30 12:41 a.m.6 views

EUVD-2025-205680

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS6.5AI score0.00363EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/30 12:41 a.m.28 views

CVE-2025-69217 Coturn has unsafe nonce and relay port randomization due to weak random number generation.

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS0.00363EPSS
Exploits0References3
OSV
OSV
added 2025/12/30 12:41 a.m.5 views

CVE-2025-69217 Coturn has unsafe nonce and relay port randomization due to weak random number generation.

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS6.9AI score0.00363EPSS
Exploits0References5
CVE
CVE
added 2025/12/30 12:41 a.m.24 views

CVE-2025-69217

CVE-2025-69217 pertains to coturn (TURN/STUN server). Affected releases: 4.6.2r5–4.7.0-r4 have a weak RNG for nonces and port randomization due to a refactor, using libc random() instead of OpenSSL RAND_bytes (non-Windows). Attacking with ~50 consecutive unauthenticated nonce requests can reconst...

7.7CVSS6.6AI score0.00363EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/12/30 12:41 a.m.5 views

CVE-2025-69217

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS5.5AI score0.00363EPSS
Exploits0
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.4 views

Coturn 安全特征问题漏洞

Coturn is an open source implementation of TURN VoIP Media Services NAT Traversal Server and Gateway and STUN Simple Traversal of Network Address Translator for User Datagram Protocol Server by Coturn Open Source. A security feature issue vulnerability exists in Coturn versions 4.6.2r5 through...

7.7CVSS5.8AI score0.00363EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.4 views

PT-2025-53832

Name of the Vulnerable Software and Affected Versions coturn versions 4.6.2r5 through 4.7.0-r4 Description coturn, a free open source implementation of TURN and STUN Server, contains a flaw related to its random number generator. Specifically, the random number generator for nonces and port...

7.7CVSS6.8AI score0.00363EPSS
Exploits0References20
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-15842

Malware in sbrugna...

9.8CVSS9AI score0.02955EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-25319

Malware in sbrugna...

7.5CVSS7AI score0.01847EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-15845

Malware in sbrugna...

10CVSS7.7AI score0.01897EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-15844

Malware in sbrugna...

7.7CVSS8.4AI score0.00935EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-18850

Malware in sbrugna...

7.2CVSS7AI score0.01282EPSS
Exploits3References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-27216

Malware in sbrugna...

7.5CVSS6.5AI score0.06102EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-27215

Malware in sbrugna...

9.8CVSS7AI score0.05116EPSS
Exploits1References10
OSV
OSV
added 2024/06/15 12:0 a.m.15 views

OPENSUSE-SU-2024:10696-1 coturn-4.5.2-2.2 on GA media

These are all security issues fixed in the coturn-4.5.2-2.2 package on the GA media of openSUSE Tumbleweed...

9.8CVSS7.5AI score0.05116EPSS
Exploits4References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:3 a.m.3 views

SUSE CVE-2020-4067

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client an attacker could use their connection to intelligently query coturn to get interesting bytes in the...

7CVSS7AI score0.01847EPSS
Exploits0References4
Rows per page
Query Builder