8 matches found
EUVD-2025-18178
Malicious code in bioql PyPI...
CVE-2025-49198
The Media Server’s authorization tokens have a poor quality of randomness. An attacker may be able to guess the token of an active user by computing plausible tokens...
CVE-2025-49198
The Media Server’s authorization tokens have a poor quality of randomness. An attacker may be able to guess the token of an active user by computing plausible tokens...
CVE-2025-49198 Poor quality of randomness in authorization tokens
The Media Server’s authorization tokens have a poor quality of randomness. An attacker may be able to guess the token of an active user by computing plausible tokens...
PT-2025-25324 · Sick Ag · Sick Media Server
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns authorization tokens with poor randomness quality. An attacker may guess the token of an active user by computing plausible tokens. Recommendations: At the moment, there i...
PT-2022-20394 · Unknown · B2Evolution
Name of the Vulnerable Software and Affected Versions: b2evolution versions prior to 7.2.3 Description: An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password reset tokens for any user through the use of a bad randomness function. This allows the...
Keypair Code Issue Vulnerability
Keypair is an open source package. It is used to generate RSA PEM key pairs in pure JS. Keypair has a code issue vulnerability that stems from. An issue was found when this library was generating the same RSA keys used in SSH. This would mean that the library is generating the same P, Q and...
Animas OneTouch Ping Data Forgery Vulnerability
The Animas OneTouch Ping is a medical self-service device for diabetics taking insulin from Animas USA. A security vulnerability exists in the Animas OneTouch Ping device that stems from the program failing to properly generate random numbers. A remote attacker could exploit the vulnerability to...