3054 matches found
CVE-2025-55069
A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software implements a predictable seed for its pseudo-random number generator, which compromises the security of the...
CVE-2025-55069
The affected product is AutomationDirect CLICK PLUS with firmware version 3.60 (Click Plus PLC). A root cause is a predictable seed in the pseudo-random number generator, which compromises the security of generated private keys. Practical impact is potential exposure or manipulation of cryptograp...
CVE-2025-55069 AutomationDirect CLICK PLUS Predictable Seed in Pseudo-Random Number Generator
A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software implements a predictable seed for its pseudo-random number generator, which compromises the security of the...
CVE-2025-55069 AutomationDirect CLICK PLUS Predictable Seed in Pseudo-Random Number Generator
A predictable seed in pseudo-random number generator vulnerability has been discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software implements a predictable seed for its pseudo-random number generator, which compromises the security of the...
PT-2025-39222
Name of the Vulnerable Software and Affected Versions Click Plus PLC firmware version 3.60 Description A flaw exists in the pseudo-random number generator due to a predictable seed. This compromises the security of generated private keys. Recommendations Update to a newer firmware version that...
Fedora: Security Advisory (FEDORA-2025-97ae15dc56)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-40925
Starch versions 0.14 and earlier generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference addresses. The PID will come from a small set of numbers, and the epoch...
CVE-2025-40925 Starch versions 0.14 and earlier generate session ids insecurely
Starch versions 0.14 and earlier generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference addresses. The PID will come from a small set of numbers, and the epoch...
CVE-2025-40925
Starch versions 0.14 and earlier are affected. The insecure session-id generator uses a SHA-1 hash seeded with a counter, epoch time, the built‑in rand, the PID, and Perl reference addresses, making session IDs predictable and potentially enabling unauthorized access. The issue is confirmed acros...
CVE-2025-40925 Starch versions 0.14 and earlier generate session ids insecurely
Starch versions 0.14 and earlier generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference addresses. The PID will come from a small set of numbers, and the epoch...
PT-2025-38638
Name of the Vulnerable Software and Affected Versions Starch versions 0.14 and earlier Description Starch generates session IDs insecurely. The default session ID generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference...
CVE-2025-10205
Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions...
CVE-2025-10205
Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions...
CVE-2025-10205 Predictable Salt and Weak Hashing Algorithm
Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions...
CVE-2025-10205 Predictable Salt and Weak Hashing Algorithm
Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions...
CVE-2025-10205
CVE-2025-10205 affects ABB FLXEON controllers (through 9.3.5 and newer). The issue arises from using a one-way hash with a predictable salt and low-entropy MD5 salt storage, enabling credential-related weaknesses and contributing to a remote code execution risk due to improper input validation. P...
CVE-2025-40933 Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely
Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely. Session ids are generated using an MD5 hash of the epoch time and a call to the built-in rand function. The epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is...
PT-2025-38160
Name of the Vulnerable Software and Affected Versions: Apache::AuthAny::Cookie versions 0.201 and earlier Description: The software generates session IDs insecurely using an MD5 hash of the epoch time and the rand function. The epoch time may be guessable if not concealed by the HTTP Date header,...
PT-2025-38219
Name of the Vulnerable Software and Affected Versions: ABB FLXEON versions through 9.3.5 and newer versions Description: The software uses a one-way hash with a predictable salt. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerabili...
CVE-2025-7448
Wi-SUN unexpected 4- Way Handshake packet receptions may lead to predictable keys and potentially leading to Man in the middle MitM attack...