42 matches found
EUVD-2020-19544
Malware in sbrugna...
EUVD-2019-0762
Malware in sbrugna...
EUVD-2017-6385
Malware in sbrugna...
EUVD-2005-0107
Malware in sbrugna...
EUVD-2022-38146
Malicious code in bioql PyPI...
EUVD-2025-24168
Malicious code in bioql PyPI...
Weak Encryption
jose is vulnerable to weak encryption. The vulnerability is due to encryption algorithms that are claimed to not meet recommended security standards, which allows an attacker to potentially bypass intended cryptographic strength...
CVE-2025-40920
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...
Updated perl-Net-OAuth, perl-Crypt-URandom & perl-Module-Build packages fix security vulnerability
In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand function, which is not cryptographically strong. CVE-2025-22376...
MGASA-2025-0062 Updated perl-Net-OAuth, perl-Crypt-URandom & perl-Module-Build packages fix security vulnerability
In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand function, which is not cryptographically strong. CVE-2025-22376...
CVE-2025-22376
In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand function, which is not cryptographically strong...
MetaCPAN Net::OAuth 安全漏洞
MetaCPAN Net::OAuth is a package from the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN Net::OAuth, which stems from the fact that the default nonce is a 32-bit integer generated by the built-in rand function, which is not cryptographically strong...
Dell Secure Connect Gateway 加密问题漏洞
Dell Secure Connect Gateway is a secure connectivity gateway from Dell USA. A cryptographic issue vulnerability exists in Dell Secure Connect Gateway version 5.18, which stems from a vulnerability containing insufficient cryptographic strength. No detailed vulnerability details are provided at th...
[SECURITY] [DLA 3571-1] openjdk-11 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3571-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 19, 2023 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DSA-5478-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ALPINE-CVE-2022-35255
A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource in SecretKeyGenTraits::DoKeyGen in src/crypto/cryptokeygen.cc. There are two problems with this: 1 It does not check the return value, it assumes EntropySource always succeeds, but it can a...
PAN-OS: Impact of the Raccoon Attack Vulnerability CVE-2020-1968
In versions of Palo Alto Networks PAN-OS software earlier than PAN-OS 10.0, the DHE cipher available for use in traffic decryption improperly shares a cryptographic secret across multiple TLS connections, which weakens its cryptographic strength. This is a prerequisite for successful exploitation...
CVE-2020-27020
Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information for example, time of password generation...
CVE-2019-5489
A new software page cache side channel attack scenario was discovered in operating systems that implement the very common 'page cache' caching mechanism. A malicious user/process could use 'in memory' page-cache knowledge to infer access timings to shared memory and gain knowledge which can be us...
Kernel: page cache side channel attacks
A new software page cache side channel attack scenario was discovered in operating systems that implement the very common 'page cache' caching mechanism. A malicious user/process could use 'in memory' page-cache knowledge to infer access timings to shared memory and gain knowledge which can be us...