CVE-2026-34236

Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. From version 8.0.0 to before version 8.19.0, in applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session...

CVE-2026-30790 RustDesk Server Controls All Handshake Entropy (Salt/Challenge), Enabling Offline Brute-Force

Improper Restriction of Excessive Authentication Attempts, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Peer authentication, API login modules, rustdesk-server RustDesk Server OSS...

CVE-2022-33756

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data...

EUVD-2013-2206

Malware in sbrugna...

EUVD-2022-36795

Malicious code in bioql PyPI...

Meshtastic 安全特征问题漏洞

Meshtastic is a decentralized wireless off-grid mesh network LoRa protocol open-sourced by Meshtastic. A security signature issue vulnerability exists in Meshtastic versions prior to 2.5.0 through 2.6.11, which stems from insufficient entropy in the key generation process that could lead to key...

CVE-2013-2260

Cryptocat before 2.0.22: Cryptocat.random Function Array Key has Entropy Weakness...

SUSE CVE-2010-1128

The Linear Congruential Generator LCG in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function...

SUSE CVE-2015-3405

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not , which might allow remote attackers to obtain the value of generated MD5...

Design/Logic Flaw

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 t...

CVE-2022-33756

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data...

CVE-2022-33756

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data...

CVE-2022-33756

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data...

Code injection

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data...

CVE-2022-33756

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data...

Broadcom CA Automic Automation 安全特征问题漏洞

Broadcom CA Automic Automation is an automation product from Broadcom, Inc. It provides a service orchestration and automation platform to automate complex applications, platforms, and technology environments. A security vulnerability exists in Broadcom CA Automic Automation versions 12.2 and 12....

CVE-2013-2260

Cryptocat before 2.0.22: Cryptocat.random Function Array Key has Entropy Weakness...

CVE-2018-15812

DNN aka DotNetNuke 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2016-9154

Siemens Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 for Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D All firmware versions V6.00.046 and Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 for Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U All...

GNU Classpath 0.97.2 'gnu.java.security.util.PRNG' Class Entropy Weakness (1)

No description provided by source. source: http://www.securityfocus.com/bid/32909/info GNU Classpath is prone to a weakness that may result in weaker cryptographic security because its psuedo-random number generator PRNG lacks entropy. Attackers may leverage this issue to obtain sensitive...