Lucene search
+L

80 matches found

OSV
OSV
added 2022/04/08 8:15 p.m.4 views

CVE-2022-26852

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise...

9.8CVSS5.8AI score0.01188EPSS
Exploits0References1
NVD
NVD
added 2022/04/08 8:15 p.m.20 views

CVE-2022-26852

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise...

9.8CVSS0.01188EPSS
Exploits0References1
Prion
Prion
added 2022/04/08 8:15 p.m.24 views

Code injection

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise...

7.5CVSS9.3AI score0.01188EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/08 7:50 p.m.28 views

CVE-2022-26852

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise...

8.1CVSS9.6AI score0.01188EPSS
Exploits0References1
CVE
CVE
added 2022/04/08 7:50 p.m.91 views

CVE-2022-26852

Technical details about CVE-2022-26852 are not publicly provided in the supplied connected documents. Dell PowerScale OneFS versions 8.2.x-9.3.x are mentioned in the initial description, but no additional exploit specifics, impact, or remediation are given here. Monitor for updates.

9.8CVSS9.3AI score0.01188EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/04 12:0 a.m.4 views

CVE-2022-26852

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise...

9.8CVSS7.2AI score0.01188EPSS
Exploits0References2
OSV
OSV
added 2021/03/03 6:15 p.m.4 views

CVE-2020-28597

A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the password o...

7.5CVSS5.8AI score0.01035EPSS
Exploits0References1
Prion
Prion
added 2021/03/03 6:15 p.m.12 views

Default credentials

A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the password o...

5CVSS7.5AI score0.01035EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/03/03 5:47 p.m.60 views

CVE-2020-28597

Epignosis EfrontPro 5.2.21 is affected by a password reset vulnerability where the reset token is generated from a predictable seed, enabling an attacker to reset passwords via the password-reset URL. Talos details show the hash is md5(reset_password_timestamp + login) and that the vulnerability ...

9.8CVSS7.5AI score0.01035EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/03/03 12:0 a.m.7 views

PT-2021-11567 · Epignosis · Epignosis Efrontpro

Name of the Vulnerable Software and Affected Versions: Epignosis EfrontPro version 5.2.21 Description: A predictable seed vulnerability exists in the password reset functionality. By predicting the seed, it is possible to generate the correct password reset 1-time token. An attacker can visit the...

9.8CVSS8.4AI score0.01035EPSS
Exploits0References3
OSV
OSV
added 2020/06/03 5:15 p.m.7 views

CVE-2020-13784

D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator...

7.5CVSS7.1AI score0.01296EPSS
Exploits1References2
CVE
CVE
added 2020/06/03 4:23 p.m.99 views

CVE-2020-13784

CVE-2020-13784 concerns the D-Link DIR-865L Ax router with firmware 1.20B01 Beta, where the pseudo-random number generator uses a predictable seed. The connected CNVD entry confirms a security feature issue vulnerability for the same device/firmware, citing the easily guessable PRNG seed as the u...

7.5CVSS7.5AI score0.01296EPSS
Exploits1References2Affected Software1
Talos
Talos
added 2020/03/03 12:0 a.m.56 views

Epignosis eFront LMS Password Reset authentication bypass vulnerability

Summary A predictable seed vulnerability eixsts in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the...

9.8CVSS7.7AI score0.01035EPSS
Exploits0
CVE
CVE
added 2013/12/07 9:0 p.m.141 views

CVE-2013-6386

Drupal 6.x before 6.29 and 7.x before 7.24 uses PHP mt_rand with predictable seeds, allowing remote attackers to predict security strings and bypass restrictions via brute force. Impact includes potential unauthorized access or bypass of protections as described in multiple advisories. Mitigation...

6.8CVSS6.5AI score0.02084EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2012/03/19 7:0 p.m.21 views

CVE-2012-0808

as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack...

6AI score0.0035EPSS
Exploits0References6
NVD
NVD
added 2008/12/17 8:30 p.m.24 views

CVE-2008-5659

The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated again...

7.5CVSS6.4AI score0.03346EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2008/12/17 8:30 p.m.33 views

CVE-2008-5659

The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated again...

7.5CVSS5.9AI score0.03346EPSS
Exploits0References2
Prion
Prion
added 2008/12/17 8:30 p.m.21 views

Design/Logic Flaw

The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated again...

7.5CVSS6.9AI score0.03346EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2008/12/17 8:0 p.m.29 views

CVE-2008-5659

The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated again...

6.4AI score0.03346EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2008/07/24 12:0 a.m.54 views

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : php5 vulnerabilities (USN-628-1)

It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...

10CVSS8.8AI score0.10918EPSS
Exploits14References13
Rows per page
Query Builder