3096 matches found

CVE
added 2022/10/13 12:0 a.m. · 60 views

CVE-2022-42159

CVE-2022-42159 affects D-Link COVR 1200/1202/1203 v1.08. The issue is a predictable seed in the device’s pseudo-random number generator, as described across multiple sources. Documented impact is limited in the provided materials; exploitation details are not listed. Some connected sources (PT-20...

4.3 CVSS · 4.7 AI score · 0.00646 EPSS
Exploits 1 · References 2 · Affected Software 1
Cvelist
added 2022/10/13 12:0 a.m. · 13 views

CVE-2022-42159

D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator...

5 AI score · 0.00646 EPSS
Exploits 1 · References 2
Prion
added 2022/10/06 6:16 p.m. · 30 views

Code injection

RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...

5 CVSS · 7.4 AI score · 0.00307 EPSS
Exploits 0 · References 2 · Affected Software 1
OSV
added 2022/10/06 6:16 p.m. · 3 views

DEBIAN-CVE-2022-31008

RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...

7.5 CVSS · 7.2 AI score · 0.00307 EPSS
Exploits 0 · References 1
Cvelist
added 2022/10/06 12:0 a.m. · 38 views

CVE-2022-31008 Predictable credential obfuscation seed value used in rabbitmq-server

RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...

5.5 CVSS · 7.6 AI score · 0.00307 EPSS
Exploits 0 · References 2
UbuntuCve
added 2022/10/06 12:0 a.m. · 41 views

CVE-2022-31008

RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...

7.5 CVSS · 6.9 AI score · 0.00307 EPSS
Exploits 0 · References 3
CVE
added 2022/09/23 6:1 p.m. · 70 views

CVE-2022-35893

The CVE-2022-35893 issue affects Insyde InsydeH2O (kernel 5.0–5.5). A memory corruption fault in the FvbServicesRuntimeDxe driver permits writes to SMRAM, enabling escalation to SMM. Public details indicate the vulnerability resides in InsydeH2O and is associated with SMM memory corruption, with ...

8.2 CVSS · 8.1 AI score · 0.00213 EPSS
Exploits 0 · References 3 · Affected Software 1
OSV
added 2022/09/20 8:45 p.m. · 20 views

GHSA-CMR8-5W4C-44V8 Fastly Compute@Edge JS Runtime has fixed random number seed during compilation

Impact: Math.random and crypto.getRandomValues methods failed to use sufficiently random values. The initial value to seed the CSPRNG (cryptographically secure pseudorandom number generator) was baked-in to the final WebAssembly module, meaning the sequence of numbers generated was predictable for th...

7.5 CVSS · 7.3 AI score · 0.00752 EPSS
Exploits 0 · References 4
Github Security Blog
added 2022/09/20 8:45 p.m. · 28 views

Fastly Compute@Edge JS Runtime has fixed random number seed during compilation

Impact: Math.random and crypto.getRandomValues methods failed to use sufficiently random values. The initial value to seed the CSPRNG (cryptographically secure pseudorandom number generator) was baked-in to the final WebAssembly module, meaning the sequence of numbers generated was predictable for th...

7.5 CVSS · 7.1 AI score · 0.00752 EPSS
Exploits 0 · References 4 · Affected Software 1
Vulnrichment
added 2022/09/20 7:50 p.m. · 7 views

CVE-2022-39218 Random number seed fixed during compilation

The JS Compute Runtime for Fastly's Compute@Edge platform provides the environment JavaScript is executed in when using the Compute@Edge JavaScript SDK. In versions prior to 0.5.3, the Math.random and crypto.getRandomValues methods fail to use sufficiently random values. The initial value to seed...

7.5 CVSS · 7.5 AI score · 0.00752 EPSS
Exploits 0 · References 1
Positive Technologies
added 2022/09/20 12:0 a.m. · 2 views

PT-2022-24817 · Unknown · Js Compute Runtime

Name of the Vulnerable Software and Affected Versions: JS Compute Runtime versions prior to 0.5.3
Description: The Math.random and crypto.getRandomValues methods fail to use sufficiently random values, making the sequence of random values predictable. An attacker can use the fixed seed to predict...

7.5 CVSS · 7.5 AI score · 0.00752 EPSS
Exploits 0 · References 6
OSV
added 2022/09/16 3:15 p.m. · 9 views

CVE-2021-42949

The component controllalogin function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks...

9.8 CVSS · 6.9 AI score · 0.05451 EPSS
Exploits 0 · References 3
NVD
added 2022/09/16 3:15 p.m. · 14 views

CVE-2021-42949

The component controllalogin function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks...

9.8 CVSS · 0.05451 EPSS
Exploits 0 · References 3
Prion
added 2022/09/16 3:15 p.m. · 12 views

Authentication flaw

The component controllalogin function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks...

7.5 CVSS · 9.5 AI score · 0.05451 EPSS
Exploits 0 · References 3 · Affected Software 1
OSV
added 2022/09/16 3:15 p.m. · 1 views

UBUNTU-CVE-2021-42949

The component controllalogin function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks...

9.8 CVSS · 7.3 AI score · 0.05451 EPSS
Exploits 0 · References 2
CNNVD
added 2022/09/16 12:0 a.m. · 3 views

HotelDruid Authorization Issue Vulnerability

HotelDruid is a hotel management system by the Digitaldruid.net team. The system includes features such as room management, financial management and inventory management. HotelDruid Hotel Management Software version v3.0.3 suffers from an authorization issue vulnerability that stems from the...

9.8 CVSS · 8.3 AI score · 0.05451 EPSS
Exploits 0 · References 4
ATTACKERKB
added 2022/09/09 1:15 a.m. · 1 views

CVE-2022-40299

In Singular before 4.3.1, a predictable /tmp pathname is used e.g., by sdb.cc, which allows local users to gain the privileges of other users via a procedure in a file under /tmp. NOTE: this CVE Record is about sdb.cc and similar files in the Singular interface that have predictable /tmp pathname...

7.8 CVSS · 7.1 AI score · 0.00304 EPSS
Exploits 1 · References 4
NVD
added 2022/09/09 1:15 a.m. · 26 views

CVE-2022-40299

In Singular before 4.3.1, a predictable /tmp pathname is used e.g., by sdb.cc, which allows local users to gain the privileges of other users via a procedure in a file under /tmp. NOTE: this CVE Record is about sdb.cc and similar files in the Singular interface that have predictable /tmp pathname...

7.8 CVSS · 0.00304 EPSS
Exploits 1 · References 3
OSV
added 2022/09/09 1:15 a.m. · 20 views

CVE-2022-40299

In Singular before 4.3.1, a predictable /tmp pathname is used e.g., by sdb.cc, which allows local users to gain the privileges of other users via a procedure in a file under /tmp. NOTE: this CVE Record is about sdb.cc and similar files in the Singular interface that have predictable /tmp pathname...

7.8 CVSS · 6.8 AI score · 0.00304 EPSS
Exploits 1 · References 3
OSV
added 2022/09/09 1:15 a.m. · 0 views

UBUNTU-CVE-2022-40299

In Singular before 4.3.1, a predictable /tmp pathname is used e.g., by sdb.cc, which allows local users to gain the privileges of other users via a procedure in a file under /tmp. NOTE: this CVE Record is about sdb.cc and similar files in the Singular interface that have predictable /tmp pathname...

7.8 CVSS · 7.1 AI score · 0.00304 EPSS
Exploits 1 · References 4