3096 matches found
openSUSE 15 Security Update : EternalTerminal (openSUSE-SU-2023:0041-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0041-1 advisory. - In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp. CVE-2022-48257 - In Eternal Terminal 6.2.1, etserver a...
go.uuid has Predictable UUID Identifiers
CVE Description for go.uuid A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker. Updat...
GHSA-33M6-Q9V5-62R7 go.uuid has Predictable UUID Identifiers
CVE Description for go.uuid A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker. Updat...
The vulnerability of InHand Networks InRouter 302 and InRouter 615 microprogrammed software lies in the use of one-way hashing with predictable random data. This allows attackers to gain unauthorized access to protected information.
The vulnerability of InHand Networks InRouter 302 and InRouter 615 microprogrammed software lies in the use of one-way hashing with predictable random data. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information by sending...
Information Disclosure
github.com/rancher/rancher is vulnerable to Information Disclosure. The vulnerability exists because the cattle-token secret used by the cattle-cluster-agent is predictable , which allows an attacker to predict the secret values even after the token is regenerated...
Rancher cattle-token is predictable
Impact An issue was discovered in Rancher versions up to and including 2.6.9 and 2.7.0, where the cattle-token secret, used by the cattle-cluster-agent, is predictable. Even after the token is regenerated, it will have the same value. This issue is not present in Rancher 2.5 releases. The...
GHSA-8C69-R38J-RPFJ Rancher cattle-token is predictable
Impact An issue was discovered in Rancher versions up to and including 2.6.9 and 2.7.0, where the cattle-token secret, used by the cattle-cluster-agent, is predictable. Even after the token is regenerated, it will have the same value. This issue is not present in Rancher 2.5 releases. The...
FusionCMS (FusionGen) Takeover account - Predictable Key and Password Generation in Password Recovery Feature
Description It was discovered that the password recovery feature on the website is vulnerable to predictable key and password generation. An attacker is able to predict the key used in the password recovery process and the generated password itself by using a specific PHP command and the user's...
CVE-2022-40267
Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...
CVE-2022-40267
Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...
Authentication flaw
Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...
CVE-2022-40267 Authentication Bypass Vulnerability in Web Server Function on MELSEC Series
Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...
CVE-2022-40267 Authentication Bypass Vulnerability in Web Server Function on MELSEC Series
Predictable Seed in Pseudo-Random Number Generator PRNG vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS with serial number 17X or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z...
Mitsubishi Electric MELSEC iQ-F, iQ-R Series
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F and iQ-R Series products Vulnerability: Predictable Seed in Pseudo-Random Number Generator PRNG 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the...
CVE-2022-48257
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp...
CVE-2022-48257
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp...
Code injection
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp...
Eternal Terminal 安全漏洞
Eternal Terminal is a remote shell by Jason Gauci Personal Developer. A security vulnerability exists in Eternal Terminal version 6.2.1 that stems from its etserver and etclient having predictable log file names in /tmp...
CVE-2022-48257
CVE-2022-48257 affects EternalTerminal
CVE-2022-48257
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp...