CVE-2017-2550

Vulnerability in Easy Joomla Backup v3.2.4. The software creates a copy of the backup in the web root with an easily guessable filename...

NTP 'ntp-keygen.c' Predictable Random Number Generation Vulnerability

NTP Network Time Protocol is a protocol for synchronizing computer clocks over a network. A predictable random number generation vulnerability exists in NTP. An attacker can exploit this vulnerability to guess the MD5 key and spoof the client or server...

Authentication flaw

DISPUTED An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for Installers called the Grid Guard system. This system uses predictable codes, and a single Grid Guard code can be used on any SMA inverter. Any such code, when combined with the...

CVE-2017-9855

An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for Installers called the Grid Guard system. This system uses predictable codes, and a single Grid Guard code can be used on any SMA inverter. Any such code, when combined with the installer...

CVE-2017-9855

An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for Installers called the Grid Guard system. This system uses predictable codes, and a single Grid Guard code can be used on any SMA inverter. Any such code, when combined with the installer...

CVE-2017-9855

An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for Installers called the Grid Guard system. This system uses predictable codes, and a single Grid Guard code can be used on any SMA inverter. Any such code, when combined with the installer...

Predictable Password Recovery

Moodle is vulnerable to predictable password recovery. The vulnerability exists because of not enough randomization of PHP mtrand function used in randomstring and complexrandomstring functions...

CVE-2017-11519

TP-Link Archer C9(UN)_V2_160517 is affected by CVE-2017-11519 due to a predictable RNG seed in passwd_recovery.lua, enabling an attacker to reset the admin password over the network. The issue is fixed in firmware C9(UN)_V2_170511. If exploited, impact is administrator password reset; CVSS metric...

Five reasons you need to join an MSP program… today!

Managed service providers MSPs offer a broad set of services to their customers, including configuring, managing, maintaining, monitoring and securing increasingly complex IT environments. In addition, they also have a business to run, employees to manage, technician utilization to monitor, profi...

CVE-2017-7501

It was found that rpm uses temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which coul...

CVE-2017-6030

A Predictable Value Range from Previous Values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected...

CVE-2017-7901

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

CVE-2017-6030

A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected...

CVE-2017-7901

A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series...

CVE-2017-6030 Schneider Electric Modicon PLCs Predictable Value Range from Previous Values

A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The affected...

CVE-2017-7901

CVE-2017-7901 affects Rockwell Automation Allen-Bradley MicroLogix 1100 (1763-L16A.. series A/B, 16.00 and earlier) and MicroLogix 1400 (1766-L32A.. series A/B, 16.00 and earlier). Root cause: generation of insufficiently random TCP initial sequence numbers , enabling an attacker to predict numbe...

CVE-2017-6030

CVE-2017-6030 affects Schneider Electric Modicon PLCs (M221, M241, M251) with firmware versions prior to 1.5.0.0 (M221) and prior to 4.0.5.11 (M241/M251). The issue is a Predictable Value Range from Previous Values causing insufficiently random TCP initial sequence numbers, enabling an attacker t...

PT-2017-17982 · Rockwell Automation · Micrologix 1100 +1

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers versions 16.00 and prior Rockwell Automation Allen-Bradley MicroLogix 1400 programmable logic controllers versions 16.00 and prior Description: A Predictable Val...

MGASA-2017-0169 Updated libxslt packages fix security vulnerability

The libxslt library failed to seed its random number generator, resulting in predictable random values CVE-2015-9019...

Code injection

The Codextrous B2J Contact aka b2jcontact extension before 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files...