12 matches found
EUVD-2007-3298
Malware in sbrugna...
CVE-2023-22601
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain the vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. An unauthorized user could calculate this...
CVE-2025-3495
Delta Electronics COMMGR v1 and v2 use insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code...
CVE-2025-3495 COMMGR - Insufficient Randomization Authentication Bypass
Delta Electronics COMMGR v1 and v2 use insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code...
CVE-2025-3495
CVE-2025-3495 affects Delta Electronics COMMGR v1 and v2. The root cause is insufficiently randomized session IDs (CWE-338) in COMMGR, allowing brute-force traversal to load and execute arbitrary code. Several connected sources corroborate this issue, including CVE entries and PT Security notes r...
PT-2024-39562 · Authd +1
Name of the Vulnerable Software and Affected Versions: Authd versions 0.3.6 and earlier. Description: A local attacker who can register user names could spoof another user's ID and gain their privileges due to insufficient randomization of user IDs. The issue arises from the GenerateID method, whi...
Insufficient Randomization And Data Exposure
github.com/consensys/gnark is vulnerable to Insufficient Randomization and Data Exposure. The vulnerability is due to the lack of additional randomized values in the commitments, which allows an attacker to deduce the witness values through enumeration if those values are small...
RHEL 8 : java-11-openjdk (RHSA-2022:7012)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7012 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...
Moderate: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...
Moderate: java-1.8.0-openjdk security update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626); OpenJDK: HttpServer no connection count limit...
Ubuntu: Security Advisory (USN-5622-1)
The remote host is missing an update for the...
CVE-2009-0486
Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to bypass cross-site request forgery (CSRF) protectio...