6 matches found
GitHub Security Lab: Python: CWE-338 insecureRandomness
This bug was reported directly to GitHub Security Lab...
CVE-2019-19181
...
Critical severity vulnerability that affects generator-jhipster
Account takeover and privilege escalation is possible in applications generated by generator-jhipster before 6.3.0. This is due to a vulnerability in the generated Java classes: CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG). Generated applications must be manually...
Unsafe generation of XSRF/CSRF token.
PMASA-2016-2. Announcement-ID: PMASA-2016-2. Date: 2016-01-24. Summary: Unsafe generation of XSRF/CSRF token. Description: The XSRF/CSRF token is generated with a weak algorithm using functions that do not return cryptographically secure values. Severity: We consider this vulnerability to be...
Amazon Linux: Security Advisory (ALAS-2013-244)
The remote host is missing an update for the...
HP-UX PHNE_44236 : s700_800 11.23 NTP timeservices upgrade plus utilities
s700_800 11.23 NTP timeservices upgrade plus utilities: Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities. References: CVE-2014-9293 - Insufficient Entropy in...