Lucene search
+L

4 matches found

NVD
NVD
added 2026/06/24 8:16 a.m.9 views

CVE-2026-52936

In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...

5.5CVSS0.00114EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2025/09/06 12:0 a.m.5 views

Wrangling Entropy: Next-Generation Multi-Factor Key Derivation, Credential Hashing, and Credential Generation Functions

The Multi-Factor Key Derivation Function MFKDF offered a novel solution to the classic problem of usable client-side key management by incorporating multiple popular authentication factors into a key derivation process, but was later shown to be vulnerable to cryptanalysis that degraded its...

7.3AI score
Exploits0
OSV
OSV
added 2024/08/15 6:40 p.m.20 views

CVE-2024-42475 OAuth library for nim allows insecure generation of state values by generateState - entropy too low and uses regular PRNG instead of CSPRNG

In the OAuth library for nim prior to version 0.11, the state values generated by the generateState function do not have sufficient entropy. These can be successfully guessed by an attacker allowing them to perform a CSRF vs a user, associating the user's session with the attacker's protected...

6.5CVSS6.9AI score0.00236EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/15 12:0 a.m.8 views

oauth 安全漏洞

oauth is an oauth library for nim from the individual developer Yoshihiro Tanaka. A security vulnerability exists in versions of oauth prior to 0.11, which stems from the state values generated by the generateState function not having sufficient entropy for an attacker to successfully guess these...

6.5CVSS6.7AI score0.00236EPSS
Exploits0References3
Rows per page
Query Builder