3051 matches found

Cvelist
added 2026/02/19 3:25 a.m., 26 views

CVE-2025-13079 Popup Builder - Create highly converting, mobile friendly marketing popups. <= 4.4.2 - Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to the plugin generating predictable unsubscribe tokens using deterministic data. This makes it...

CVSS 5.3, EPSS 0.00095
Exploits 0, References 4
Vulnrichment
added 2026/02/19 3:25 a.m., 4 views

CVE-2025-13079 Popup Builder - Create highly converting, mobile friendly marketing popups. <= 4.4.2 - Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to the plugin generating predictable unsubscribe tokens using deterministic data. This makes it...

CVSS 5.3, AI score 5.7, EPSS 0.00095
Exploits 0, References 4
CVE
added 2026/02/19 3:25 a.m., 14 views

CVE-2025-13079

CVE-2025-13079 concerns the WordPress plugin “Popup Builder” (versions

CVSS 5.3, AI score 5.7, EPSS 0.00095
Exploits 0, References 4
Positive Technologies
added 2026/02/19 12:00 a.m., 5 views

PT-2026-20882

Name of the Vulnerable Software and Affected Versions: Spring Data Geode (affected versions not specified). Description: The software has a flaw related to insecure directory usage during snapshot imports. Specifically, archives are extracted into predictable and overly permissive directories within t...

CVSS 4.8, AI score 5.2, EPSS 0.0002
Exploits 0, References 5
Patchstack
added 2026/02/18 10:11 p.m., 4 views

WordPress Popup Builder plugin <= 4.4.2 - Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens vulnerability

Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Popup Builder versions <= 4.4.2...

CVSS 5.3, AI score 5.5, EPSS 0.00095
Exploits 0, References 1, Affected Software 1
NVD
added 2026/02/18 9:16 p.m., 2 views

CVE-2025-0577

An insufficient entropy vulnerability was found in glibc. The getrandom and arc4random family of functions may return predictable randomness if these functions are called again after the fork, which happens concurrently with a call to any of these functions...

CVSS 4.8, EPSS 0.00012
Exploits 0, References 2
Cvelist
added 2026/02/18 8:25 p.m., 20 views

CVE-2025-0577 Glibc: vdso getrandom acceleration may return predictable randomness

An insufficient entropy vulnerability was found in glibc. The getrandom and arc4random family of functions may return predictable randomness if these functions are called again after the fork, which happens concurrently with a call to any of these functions...

CVSS 4.8, EPSS 0.00012
Exploits 0, References 2
CNNVD
added 2026/02/14 12:00 a.m., 3 views

WordPress plugin Magic Login Mail or QR Code security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVSS 8.1, AI score 5.8, EPSS 0.00112
Exploits 1, References 3
RedhatCVE
added 2026/02/13 7:18 p.m., 5 views

CVE-2026-26218

newbee-mall includes pre-seeded administrator accounts in its database initialization script. These accounts are provisioned with a predictable default password. Deployments that initialize or reset the database using the provided schema and fail to change the default administrative credentials m...

CVSS 9.8, AI score 5.5, EPSS 0.00204
Exploits 1, References 1
ATTACKERKB
added 2026/02/12 10:48 p.m., 1 views

CVE-2019-25322

Heatmiser Netmonitor 3.03 contains a hardcoded credentials vulnerability in the networkSetup.htm page with predictable admin login credentials. Attackers can access the device by using the hard-coded username 'admin' and password 'admin' in the hidden form input fields...

CVSS 9.3, AI score 5.5, EPSS 0.00047
Exploits 0, References 4, Affected Software 1
CVE
added 2026/02/12 6:38 p.m., 8 views

CVE-2026-26218

CVE-2026-26218 affects newbee-mall where the database initialization script seeds administrator accounts with a predictable default password. This enables unauthenticated attackers to log in as an administrator and gain full control of the application if the default credentials are not changed du...

CVSS 9.8, AI score 5.5, EPSS 0.00204
Exploits 1, References 2, Affected Software 1
CNNVD
added 2026/02/12 12:00 a.m., 2 views

BrightSign OS security vulnerability

BrightSign OS is an operating system designed for hardware players by the American company BrightSign. Versions prior to BrightSign OS Series 4 v8.5.53.1 and Series 5 v9.0.166 contained security vulnerabilities. These vulnerabilities stemmed from the use of predictable default passwords, which...

CVSS 8.6, AI score 5.8, EPSS 0.00017
Exploits 0, References 4
CNNVD
added 2026/02/12 12:00 a.m., 2 views

newbee-mall trust management issue vulnerability

newbee-mall is an open source e-commerce system developed by newbee. newbee-mall has a vulnerability related to trust management. This vulnerability stems from the database initialization script, which includes pre-set administrator accounts with predictable default passwords. This allows...

CVSS 9.8, AI score 5.8, EPSS 0.00204
Exploits 1, References 3
Positive Technologies
added 2026/02/12 12:00 a.m., 1 views

PT-2026-7887

Name of the Vulnerable Software and Affected Versions: newbee-mall (affected versions not specified). Description: The application includes pre-seeded administrator accounts in its database initialization script, which are provisioned with a predictable default password. Deployments that initialize or...

CVSS 9.8, AI score 5.5, EPSS 0.00204
Exploits 1, References 7
Snyk
added 2026/02/09 7:00 p.m., 1 views

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Overview: Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) due to the UUIDv4 and UUID functions silently returning predictable values, such as the zero UUID, when the cryptographic random number generator fails. An attacker can...

CVSS 9.8, AI score 5.6, EPSS 0.0008
Exploits 0, References 4
Cvelist
added 2026/02/09 6:04 p.m., 21 views

CVE-2025-66630 Fiber insecurely falls back in utils.UUIDv4() / utils.UUID() — predictable / zero‑UUID on crypto/rand failure

Fiber is an Express inspired web framework written in Go. Before 2.52.11, on Go versions prior to 1.24, the underlying crypto/rand implementation can return an error if secure randomness cannot be obtained. Because no error is returned by the Fiber v2 UUID functions, application code may...

CVSS 9.2, EPSS 0.0002
Exploits 0, References 3
ATTACKERKB
added 2026/02/09 6:04 p.m., 2 views

CVE-2025-66630

Fiber is an Express inspired web framework written in Go. Before 2.52.11, on Go versions prior to 1.24, the underlying crypto/rand implementation can return an error if secure randomness cannot be obtained. Because no error is returned by the Fiber v2 UUID functions, application code may...

CVSS 9.2, AI score 5.6, EPSS 0.0002
Exploits 0, References 4, Affected Software 1
CVE
added 2026/02/09 6:04 p.m., 6 views

CVE-2025-66630

Fiber is a Go web framework. Before 2.52.11 and on Go

CVSS 9.4, AI score 5.6, EPSS 0.0002
Exploits 0, References 3, Affected Software 1
CNNVD
added 2026/02/09 12:00 a.m., 2 views

Fiber security feature issue vulnerability

Fiber is an open source web framework written in Go. Fiber has a security feature issue vulnerability. The vulnerability stems from the UUID function not returning an error, and can be exploited by an attacker to use predictable or low entropy identifiers i...

CVSS 9.4, AI score 6, EPSS 0.0002
Exploits 0, References 3
Positive Technologies
added 2026/02/09 12:00 a.m., 7 views

PT-2026-7122

Name of the Vulnerable Software and Affected Versions: Fiber versions prior to 2.52.11; Fiber versions prior to 2.52.11 running on Go versions prior to 1.24. Description: The Fiber framework, an Express-inspired web framework written in Go, is susceptible to generating predictable identifiers when...

CVSS 9.9, AI score 5.5, EPSS 0.00733
Exploits 44, References 121