2 matches found
PT-2026-54477
Name of the Vulnerable Software and Affected Versions UltraVNC versions prior to 1.8.2.3 Description The software uses a cryptographically weak pseudo-random number generator to produce VNC authentication challenge bytes. Specifically, the vncRandomBytes function seeds libc rand using a combinati...
CVE-2025-40926
Summary of vulnerability (CVE-2025-40926) : Plack::Middleware::Session::Simple for Perl versions before 0.05 generates session IDs insecurely. The default generator uses a SHA-1 hash seeded with the built-in rand() function, the epoch time, and the process ID (PID). The PID comes from a small set...