CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

Positive Technologies•added 2026/05/26 12:0 a.m.•7 views

PT-2026-43430

Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The random bytes function fell back to using the built-in rand function when none of the Perl modules Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay, Crypt::Random, or...

5.8AI score0.00036EPSS

Exploits0References5

ATTACKERKB•added 2026/04/23 7:29 a.m.•2 views

CVE-2026-41564

CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it without fork detection. A...

5.8AI score0.00015EPSS

Exploits0References4

EUVD•added 2026/04/15 6:31 p.m.•1 views

EUVD-2026-22840

Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts. The makesalt and makesaltbcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simply...

5.8AI score0.00019EPSS

Exploits0References7

ATTACKERKB•added 2026/04/15 7:3 a.m.•0 views

CVE-2026-5088

Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The makesalt and makesaltbcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simply...

7.5CVSS5.8AI score0.00019EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-43777

Malicious code in bioql PyPI...

7.5CVSS5.7AI score0.0007EPSS

Exploits0References2

Filippo.io•added 2024/09/25 8:42 p.m.•5 views

The FIPS Compliance of HKDF

HKDF is an HMAC-based key-derivation function specified in RFC 5869. It’s nice and we generally like using it. FIPS Federal Information Processing Standards is used generally as a moniker for the set of standards, recommendations, and guidance published by the U.S. National Institute of Standards...

7.3AI score

Exploits0

Tenable Nessus•added 2024/01/24 12:0 a.m.•27 views

RHCOS 4 : OpenShift Container Platform 4.12.23 (RHSA-2023:3924)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3924 advisory. - openshift: OCP & FIPS mode CVE-2023-3089 Note that Nessus has not tested for this issue but has instead relied only on the application's...

7.5CVSS6.6AI score0.0007EPSS

Exploits0References7

Tenable Nessus•added 2024/01/24 12:0 a.m.•29 views

RHCOS 4 : Red Hat OpenShift Enterprise (RHSA-2023:3910)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3910 advisory. - golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests CVE-2022-41717 - openshift: OCP & FIPS mode...

9.8CVSS6.8AI score0.00331EPSS

Exploits0References9