EUVD-2013-7143

Malware in sbrugna...

CVE-2024-41594

An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL...

CVE-2013-7373

Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications...

SUSE CVE-2014-0016

stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator PRNG, which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC ECDSA or DSA...

Advisory ROSA-SA-2021-1978

Software: stunnel 4.56 OS: Cobalt 7.9 CVE-ID: CVE-2014-0016 CVE-Crit: MEDIUM CVE-DESC: stunnel before 5.00 when using fork streaming does not properly update the OpenSSL pseudo-random number generator PRNG state, which causes subsequent children with the same process ID to use the same entropy po...

CVE-2014-0017

The RANDbytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator PRNG, which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid...

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

Debian OpenSSL Predictable PRNG - - - Links Original UR...

OpenSSL Security Advisory: PRNG weakness in versions up to 0.9.6a

OpenSSL Security Advisory 10 July 2001 WEAKNESS OF THE OpenSSL PRNG IN VERSIONS UP TO OpenSSL 0.9.6a ------------------------------------------------------------- CONTENTS: - Synopsis - Detailed problem description - Solution - Impact - Source code patch - Acknowledgement OpenSSL 0.9.6b has been...