CVE-2025-62710 Sakai kernel-impl: predictable PRNG used to generate server‑side encryption key in EncryptionUtilityServiceImpl

Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password serverSecretKey using RandomStringUtils with the default java.util.Random. java.util.Random is a non‑cryptographic PRNG and can be predicted...

GHSA-GR7H-XW4F-WH86 Sakai kernel-impl: predictable PRNG used to generate server‑side encryption key in EncryptionUtilityServiceImpl

Impact EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password serverSecretKey using RandomStringUtils with the default java.util.Random. java.util.Random is a non‑cryptographic PRNG and can be predicted from limited state/seed information e.g., start time window, substantially...

CVE-2025-4876

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

PT-2023-7270 · Rvtools · Rvtools

Name of the Vulnerable Software and Affected Versions: RVTools versions 3.9.2 and above Description: The issue is related to errors in cryptographic transformations, which can allow a remote attacker to gain unauthorized access to protected information. Specifically, the vulnerability in the...

Encryption Utility Firm Accused of Bundling Malware Functions in Product

An Italian company that sells what it describes as a legitimate encryption utility is being used as malware packer for the cloud-delivered malicious GuLoader dropper, claim researchers. The tool, according a recent investigation, creates GuLoader samples and helps the malware avoid antivirus...

Fedora Update for kgpg FEDORA-2013-13499

Check for the Version of kgpg OpenVAS Vulnerability Test Fedora Update for kgpg FEDORA-2013-13499 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Fedora Update for kgpg FEDORA-2013-10182

Check for the Version of kgpg OpenVAS Vulnerability Test Fedora Update for kgpg FEDORA-2013-10182 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Fedora Update for kgpg FEDORA-2013-10130

Check for the Version of kgpg OpenVAS Vulnerability Test Fedora Update for kgpg FEDORA-2013-10130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...