22 matches found
EUVD-2026-30666
Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...
WebDyne::Session 安全特征问题漏洞
WebDyne::Session is a server-side component developed by ASPEER’s individual developers, used for session management in web applications. Versions of WebDyne::Session 2.075 and earlier contained security vulnerabilities. These vulnerabilities stemmed from insecure session ID generation. The sessi...
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG seeded with predictable values in the secretkey and hashidsalt. An attacker can gain unauthorized access to any user account, including administrators, by brute-forcing t...
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG seeded with predictable values in the secretkey and hashidsalt. An attacker can gain unauthorized access to any user account, including administrators, by brute-forcing t...
CVE-2025-40931
Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...
EUVD-2011-0778
Malware in sbrugna...
EUVD-2005-4723
Malware in sbrugna...
CVE-2013-6386
Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mtrand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...
Security feature bypass
Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mtrand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...
CVE-2013-6386
Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mtrand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...
UBUNTU-CVE-2013-6386
Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mtrand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...
CVE-2013-6386
Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mtrand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...
CVE-2013-6386
Removed by vendor...
CVE-2011-0766
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys...
CVE-2011-0766
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys...
Code injection
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys...
CVE-2011-0766
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys...
CVE-2011-0766
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys...
CVE-2011-0766
CVE-2011-0766 affects the Crypto application (before 2.0.2.2) and SSH (before 2.0.5) as used by the Erlang/OTP SSH library before R14B03. The root cause is the use of predictable seeds based on the current time for the random number generator, enabling remote attackers to guess DSA host and SSH s...
CVE-2011-0766
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys...