EUVD-2022-4985

Malicious code in bioql PyPI...

Froxlor guessable password reset token

Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value...

GHSA-QJ6H-M7XC-R2V3 Froxlor guessable password reset token

Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value...

openSUSE: Security Advisory for froxlor (openSUSE-SU-2021:0415-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for froxlor (moderate)

openSUSE Security Update: Security update for froxlor Announcement ID: openSUSE-SU-2021:0450-1 Rating: moderate References: 1025193 1082318 846355 958100 Cross-References: CVE-2016-5100 CVSS scores: CVE-2016-5100 NVD : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE...

openSUSE Security Update : froxlor (openSUSE-2021-415)

This update for froxlor fixes the following issues : - Upstream upgrade to version 0.10.23 boo846355 - Upstream upgrade to version 0.10.22 boo846355 - BuildRequire cron as this contains now the cron directories - Use %license for COPYING file instead of %doc boo1082318 Upstream upgrade to version...

Security update for froxlor (moderate)

openSUSE Security Update: Security update for froxlor Announcement ID: openSUSE-SU-2021:0415-1 Rating: moderate References: 1025193 1082318 846355 958100 Cross-References: CVE-2016-5100 CVSS scores: CVE-2016-5100 NVD : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE...

GHSA-H7QW-MXRM-C6H2 Unauthenticated crypto and weak IV in Magento\Framework\Encryption

The construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by guessing the value...

CVE-2016-5100

Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value...

CVE-2016-5100

Summary: CVE-2016-5100 affects Froxlor prior to 0.9.35, where the code uses PHP’s rand() for random number generation, enabling a remote attacker to predict password reset tokens. The issue is documented across multiple advisories and security entries (openSUSE/OpenSUSE-SU-2021:0415/0450, GHSA-GH...