Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/05/22 10:50 p.m.9 views

CVE-2022-30782

Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide cryptographically secure random numbers...

7.5CVSS7AI score0.01164EPSS
Exploits0References1
cvelist
cvelist
added 2022/03/15 3:40 p.m.26 views

CVE-2022-26779 Apache Cloudstack insecure random number generation affects project email invitation

Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. If a project invite is created based only on an email address, a random token is generated. An attacker with knowledge of the project ID and the fact that the invite is sent, could generate...

7.6AI score0.02806EPSS
Exploits1References3
nvd
nvd
added 2020/12/14 9:15 p.m.24 views

CVE-2020-25232

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port...

7.5CVSS7.8AI score0.00659EPSS
Exploits0References1
prion
prion
added 2020/12/14 9:15 p.m.17 views

Design/Logic Flaw

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port...

5CVSS7.8AI score0.00659EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2020/02/28 9:15 p.m.15 views

CVE-2020-9449

An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS client, and BlaB! WS Pro client version 19.11 allows an attacker with a guest or user session cookie to escalate privileges by retrieving the cookie salt value and creating a valid session cookie for an arbitra...

8.8CVSS8.8AI score0.01036EPSS
Exploits0References1
nvd
nvd
added 2018/11/13 2:29 p.m.24 views

CVE-2018-15795

Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service...

8.1CVSS8.1AI score0.01304EPSS
Exploits0References2
Rows per page
Query Builder