CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6267

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.00378EPSS

Exploits0References5

Veracode•added 2022/07/26 12:31 p.m.•25 views

Insecure Random

otp-generator is using insecure random. It generates random number for one-time passwords by using insecure Math.Random, allowing an attacker to brute-force...

9.8CVSS8.9AI score0.00378EPSS

Exploits0References2Affected Software1

OSV•added 2022/07/26 12:1 a.m.•18 views

GHSA-6X93-H9G3-9PHR otp-generator before v3.0.0 insecurely generates random one-time passwords

The package otp-generator before 3.0.0 are vulnerable to Insecure Randomness due to insecure generation of random one-time passwords, which may allow a brute-force attack...

9.8CVSS9.4AI score0.00378EPSS

Exploits0References5

vulnersOsv•added 2022/07/26 12:1 a.m.•3 views

@trycar-packages-org/tc-entities-production (=1.0.93), otp-generator-strapi (>=1.0.0 <=1.0.1) +12 more potentially affected by CVE-2021-23451 via otp-generator (>=1.1.0 <=2.0.1)

otp-generator NPM version =1.1.0, =1.0.0, =1.0.4, =1.0.1, =1.0.1, =1.0.80, =0.0.1, =1.2.0, =1.0.1, =1.0.5 Source cves: CVE-2021-23451 Source advisory: OSV:GHSA-6X93-H9G3-9PHR...

9.8CVSS7.2AI score0.00378EPSS

Exploits0

NVD•added 2022/07/25 2:15 p.m.•11 views

CVE-2021-23451

The package otp-generator before 3.0.0 are vulnerable to Insecure Randomness due to insecure generation of random one-time passwords, which may allow a brute-force attack...

9.8CVSS0.00378EPSS

Exploits0References3

Prion•added 2022/07/25 2:15 p.m.•9 views

Design/Logic Flaw

The package otp-generator before 3.0.0 are vulnerable to Insecure Randomness due to insecure generation of random one-time passwords, which may allow a brute-force attack...

7.5CVSS9.3AI score0.00378EPSS

Exploits0References3Affected Software1

Cvelist•added 2022/07/25 2:11 p.m.•11 views

CVE-2021-23451 Insecure Randomness

The package otp-generator before 3.0.0 are vulnerable to Insecure Randomness due to insecure generation of random one-time passwords, which may allow a brute-force attack...

6.5CVSS9.6AI score0.00378EPSS

Exploits0References3

CVE•added 2022/07/25 2:11 p.m.•52 views

CVE-2021-23451

CVE-2021-23451 affects otp-generator prior to 3.0.0, where insecure randomness in the one-time password generation can enable brute-force attacks. Public sources in connected documents consistently describe insecure random number generation (Math.Random) as the root cause, leading to predictable ...

9.8CVSS7.9AI score0.00378EPSS

Exploits0References3Affected Software1

CNNVD•added 2022/07/25 12:0 a.m.•2 views

otp-generator 安全特征问题漏洞

otp-generator is a simple one-time password generator from the individual developer Maheshkumar Kakade. A security vulnerability exists in otp-generator versions prior to 3.0.0 that stems from insecure random one-time passwords being generated.The package is susceptible to insecure randomization,...

9.8CVSS8.2AI score0.00378EPSS

Exploits0References4

Positive Technologies•added 2022/07/25 12:0 a.m.•2 views

PT-2022-9398 · Unknown · Otp-Generator

Name of the Vulnerable Software and Affected Versions: otp-generator versions prior to 3.0.0 Description: The issue is related to insecure randomness in the generation of one-time passwords, which could potentially allow a brute-force attack. Recommendations: For versions prior to 3.0.0, update t...

9.8CVSS9.2AI score0.00378EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by