Lucene search

3052 matches found

Cvelist
added 2025/12/12 7:57 p.m. | 16 views

CVE-2024-58311 Dormakaba Saflok System 6000 Key Generation Cryptographic Weakness

Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation...

CVSS 9.8 | EPSS 0.00065
Exploits: 0 | References: 3

NVD
added 2025/12/12 12:15 p.m. | 1 view

CVE-2025-14442

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to sensitive information exposure due to storage of exported CSV files in a publicly accessible directory with predictable filenames in all versions up to, and including, 4.9.2. This makes it possible for...

CVSS 5.3 | EPSS 0.00074
Exploits: 0 | References: 4

Positive Technologies
added 2025/12/12 12:00 a.m. | 4 views

PT-2025-50973

Name of the Vulnerable Software and Affected Versions: Dormakaba Saflok System 6000 (affected versions not specified). Description: The Dormakaba Saflok System 6000 uses a key generation algorithm that is predictable. This allows attackers to calculate card access keys from a 32-bit unique identifier...

CVSS 9.8 | AI score 6.4 | EPSS 0.00065
Exploits: 0 | References: 6

CNNVD
added 2025/12/12 12:00 a.m. | 2 views

Dormakaba Saflok System Security Vulnerability

Dormakaba Saflok System is a hotel access control and security management system from Dormakaba USA. A security vulnerability exists in Dormakaba Saflok System 6000 that stems from a predictable key generation algorithm that could lead to the derivation of card access keys...

CVSS 9.8 | AI score 6.6 | EPSS 0.00065
Exploits: 0 | References: 3

Positive Technologies
added 2025/12/12 12:00 a.m. | 4 views

PT-2025-50926

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to sensitive information exposure due to storage of exported CSV files in a publicly accessible directory with predictable filenames in all versions up to, and including, 4.9.2. This makes it possible for...

CVSS 5.3 | AI score 5.7 | EPSS 0.00074
Exploits: 0 | References: 4

RedhatCVE
added 2025/12/11 8:39 a.m. | 5 views

CVE-2025-13955

Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers...

CVSS 9.3 | AI score 5.8 | EPSS 0.00025
Exploits: 0 | References: 1

Tenable Nessus
added 2025/12/11 12:00 a.m. | 3 views

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2025-2454)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS...

CVSS 5.3 | AI score 6.6 | EPSS 0.00083
Exploits: 0 | References: 3

NVD
added 2025/12/10 9:15 a.m. | 3 views

CVE-2025-13955

Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers...

CVSS 9.3 | EPSS 0.00025
Exploits: 0 | References: 2

ATTACKERKB
added 2025/12/10 8:30 a.m. | 3 views

CVE-2025-13955

Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II before version 1.17478.177 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers...

CVSS 9.3 | AI score 5.8 | EPSS 0.00025
Exploits: 0 | References: 3

CVE
added 2025/12/10 8:30 a.m. | 16 views

CVE-2025-13955

CVE-2025-13955 describes a vulnerability in EZCast Pro II dongle (software version 1.17478.146) where the Wi‑Fi access point password is predictable. Attackers within Wi‑Fi range can deduce the default password from observable device identifiers, granting access to the dongle. The vulnerability i...

CVSS 9.3 | AI score 5.8 | EPSS 0.00025
Exploits: 0 | References: 2

RedhatCVE
added 2025/12/10 2:32 a.m. | 3 views

CVE-2025-66565

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, including the zero UUID...

CVSS 9.8 | AI score 6.6 | EPSS 0.0008
Exploits: 0 | References: 1

NVD
added 2025/12/09 4:18 p.m. | 4 views

CVE-2025-66565

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, including the zero UUID...

CVSS 9.8 | EPSS 0.0008
Exploits: 0 | References: 2

Cvelist
added 2025/12/09 8:12 a.m. | 27 views

CVE-2025-41692 Weak/Predictable root Password

A high privileged remote attacker with admin privileges for the webUI can brute-force the "root" and "user" passwords of the underlying OS due to a weak password generation algorithm...

CVSS 6.8 | EPSS 0.00027
Exploits: 0 | References: 1

EUVD
added 2025/12/09 1:47 a.m. | 3 views

EUVD-2025-201791

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, including the zero UUID...

CVSS 9.3 | AI score 6.3 | EPSS 0.0008
Exploits: 0 | References: 3

OSV
added 2025/12/09 1:47 a.m. | 4 views

CVE-2025-66565 Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, including the zero UUID...

CVSS 9.3 | AI score 6.7 | EPSS 0.0008
Exploits: 0 | References: 4

CVE
added 2025/12/09 1:47 a.m. | 16 views

CVE-2025-66565

Fiber Utils (github.com/gofiber/utils) has a vulnerability in UUIDv4() and UUID() where crypto/rand.Read() failures trigger silent fallbacks to predictable UUID values, including the zero UUID 00000000-0000-0000-0000-000000000000. This root cause affects versions up to 2.0.0-rc.3; the issue is fi...

CVSS 9.8 | AI score 6.4 | EPSS 0.0008
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2025/12/09 1:47 a.m. | 27 views

CVE-2025-66565 Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, including the zero UUID...

CVSS 9.3 | EPSS 0.0008
Exploits: 0 | References: 2

Positive Technologies
added 2025/12/09 12:00 a.m. | 2 views

PT-2025-49761

Name of the Vulnerable Software and Affected Versions: Fiber Utils versions 2.0.0-rc.3 and below. Description: Fiber Utils is a collection of functions for Fiber. In versions 2.0.0-rc.3 and below, if the system’s cryptographic random number generator crypto/rand fails, the software silently reverts ...

CVSS 9.8 | AI score 6.5 | EPSS 0.0008
Exploits: 0 | References: 8

CNNVD
added 2025/12/09 12:00 a.m. | 1 view

Fiber Utils Security Feature Issue Vulnerability

Fiber Utils is a general-purpose function library in the Fiber open source. A security feature issue vulnerability exists in Fiber Utils 2.0.0-rc.3 and earlier versions, which stems from the return of a predictable UUID on failure of the random number generator, which could lead to compromised...

CVSS 9.8 | AI score 6.3 | EPSS 0.0008
Exploits: 0 | References: 2

Positive Technologies
added 2025/12/09 12:00 a.m. | 4 views

PT-2025-49779

WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword to create passwords using PHP's rand. rand is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege...

CVSS 9.1 | AI score 7.2 | EPSS 0.0008
Exploits: 1 | References: 4