Lucene search
K

12 matches found

OSV
OSV
added 2020/08/03 5:15 p.m.24 views

CVE-2020-16271

The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows remote attackers to read and modify data in the KeePass database via a WebSocket connection...

9.1CVSS6.8AI score
Exploits0References2
Prion
Prion
added 2020/08/03 5:15 p.m.16 views

Design/Logic Flaw

The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows remote attackers to read and modify data in the KeePass database via a WebSocket connection...

6.4CVSS8.8AI score0.01506EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/08/03 4:19 p.m.19 views

CVE-2020-16271

The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows remote attackers to read and modify data in the KeePass database via a WebSocket connection...

9AI score0.01506EPSS
Exploits1References2
NVD
NVD
added 2017/10/26 9:29 p.m.17 views

CVE-2017-1230

IBM Tivoli Endpoint Manager IBM BigFix Platform 9.2 and 9.5 uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. This weakness may allow attackers to expose sensitive information by guessing tokens or identifiers. IBM X-Force ID: 123909...

5.3CVSS5AI score0.01286EPSS
Exploits0References3
Prion
Prion
added 2017/10/26 9:29 p.m.18 views

Design/Logic Flaw

IBM Tivoli Endpoint Manager IBM BigFix Platform 9.2 and 9.5 uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. This weakness may allow attackers to expose sensitive information by guessing tokens or identifiers. IBM X-Force ID: 123909...

5CVSS4.9AI score0.01286EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/06/30 3:29 a.m.4 views

CVE-2017-7901

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

8.6CVSS5.8AI score0.0662EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.41 views

Amazon Linux AMI : postgresql9 (ALAS-2013-178)

Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service file corruption, and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection...

8.5CVSS8.2AI score0.54312EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2013/04/20 12:0 a.m.31 views

Mandriva Linux Security Advisory : postgresql (MDVSA-2013:142)

Multiple vulnerabilities has been discovered and corrected in postgresql : PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enumrecv function in backend/utils/adt/enum.c, which causes it to be invoke...

8.5CVSS8.2AI score0.54312EPSS
Exploits4References6
Prion
Prion
added 2013/04/04 5:55 p.m.27 views

Code injection

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."...

8.5CVSS6.7AI score0.04511EPSS
Exploits0References21Affected Software2
UbuntuCve
UbuntuCve
added 2009/09/18 10:30 a.m.38 views

CVE-2009-3238

The getrandomint function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to...

7.8CVSS6.1AI score0.01632EPSS
Exploits2References3
NVD
NVD
added 2009/02/09 5:30 p.m.23 views

CVE-2009-0486

Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under modperl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to bypass cross-site request forgery CSRF protectio...

7.5CVSS6.7AI score0.00571EPSS
Exploits0References5
Prion
Prion
added 2009/02/09 5:30 p.m.29 views

Cross site request forgery (csrf)

Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under modperl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to bypass cross-site request forgery CSRF protectio...

7.5CVSS7.3AI score0.00571EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder