17 matches found
CVE-2026-35089
In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx...
CVE-2019-2317
The secret key used to make the Initial Sequence Number in the TCP SYN packet could be brute forced and therefore can be predicted in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2025-64429
A vulnerability was found in DuckDB’s database encryption design. In certain situations, DuckDB could generate encryption keys using a weak random number generator, fail to reliably wipe keys from memory, accept manipulated database headers that disable integrity protection, or miss detecting...
EUVD-2016-9510
Malware in sbrugna...
EUVD-2016-7772
Malware in sbrugna...
EUVD-2012-5952
Malware in sbrugna...
EUVD-2019-13373
Malware in sbrugna...
EUVD-2022-2698
Malicious code in bioql PyPI...
vantage6 安全特征问题漏洞
vantage6 is a vantage6 open source priVAcy preserviNg federalTed leArningG infrastructure for Secure Insight eXchange. A security feature issue vulnerability exists in vantage6 versions prior to 4.11.0 that stems from an insecure JWT key auto-generation that could lead to key prediction...
CVE-2012-3006
The Innominate mGuard Smart HW before HW-101130 and BD before BD-101030, mGuard industrial RS, mGuard delta HW before HW-103060 and BD before BD-211010, mGuard PCI, mGuard blade, and EAGLE mGuard appliances with software before 7.5.0 do not use a sufficient source of entropy for private keys, whi...
CVE-2023-4489
The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access...
CVE-2023-4489 Z/IP Gateway Use of Uninitialized PRNG when Generating S0 Encryption Key
The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access...
CVE-2023-4489 Z/IP Gateway Use of Uninitialized PRNG when Generating S0 Encryption Key
The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access...
PT-2023-29314 · Silicon · Z/Ip Gateway
Name of the Vulnerable Software and Affected Versions: Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK versions prior to 7.18.3 Description: The first S0 encryption key is generated with an uninitialized PRNG, making the first S0 key generated at startup predictable. This potentially...
CVE-2016-6887
The pstmexptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via a CRT attack...
HP HP-Plugin Remote Code Execution Vulnerability
hplip is HP Linux graphics and printing software. A security vulnerability exists in HP-Plugin. Allows an attacker to generate a key using a short ID predicted by the vulnerability to trick a user into downloading a malicious binary to execute arbitrary code in the context of the affected...
Code injection
Post Oak AWAM Bluetooth Reader Traffic System does not use a sufficient source of entropy for private keys, which makes it easier for man-in-the-middle attackers to spoof a device by predicting a key value...