CVE-2025-15521

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.5.0. This is due to the plugin not properly validating a user's identity prior to updating their password...

Authen::DigestMD5 安全漏洞

Authen::DigestMD5 is a module in the Perl language from the Perl community. A security vulnerability exists in Authen::DigestMD5 versions 0.01 through 0.02, which stems from insecure cnonce generation...

CVE-2022-29035

JetBrains Ktor Native prior to version 2.0.0 is affected by a weakness in nonce generation where random values were not produced using SecureRandom. The connected documents confirm the root cause but do not provide detailed vulnerability specifics or explicit remediation beyond the product versio...

Insecure Nonce Generation

github.com/rfjakob/gocryptfs is vulnerable to insecure nonce generation. The library does not randomly generate the nonce, allowing a malicious user to figure out the block write order...

WordPress WPtouch Plugin <= 3.x - Insecure Nonce Generation

Because of this vulnerability, a logged­-in attacker can potentially take over the website by uploading a backdoor and then do anything he wants. Solution Update the plugin...