Linux Distros Unpatched Vulnerability : CVE-2023-34049
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an...
CVE-2025-6519
E3 Site Supervisor firmware version 2.31F01 has a default admin user "ONEDAY" with a daily generated password. An attacker can predictably generate the password for ONEDAY. The oneday user cannot be deleted or modified by any user...
CVE-2025-52549 Predictable root linux password generation
E3 Site Supervisor Control firmware version 2.31F01 generates the root linux password on each boot. An attacker can generate the root linux password for a vulnerable device based on known or easy to fetch parameters...
CVE-2025-6519
CVE-2025-6519 overview (confirmed details) : Affects Copeland E3 Site Supervisor firmware versions prior to 2.31F01. The vulnerability stems from a default admin account named “ONEDAY” that uses a daily-generated password which can be predicted. The ONEDAY user cannot be deleted or modified by an...
CVE-2025-6519 Consistent predictable generation of the password for the default admin user "ONEDAY" to the application services
E3 Site Supervisor firmware version 2.31F01 has a default admin user "ONEDAY" with a daily generated password. An attacker can predictably generate the password for ONEDAY. The oneday user cannot be deleted or modified by any user...
Copeland E3 Supervisory Control Security Vulnerability
Copeland E3 Supervisory Control is an industrial equipment control system from Copeland, USA. A security vulnerability exists in Copeland E3 Supervisory Control versions prior to 2.31F01 that stems from a predictable default user ONEDAY password...
PT-2025-35562
Name of the Vulnerable Software and Affected Versions: E3 Site Supervisor versions prior to 2.31F01 Description: E3 Site Supervisor firmware contains a default administrator account, ONEDAY, with a daily generated password that is predictable. The ONEDAY user cannot be deleted or modified...
Linux Distros Unpatched Vulnerability : CVE-2019-12779
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames under /dev/shm and /tmp without...
Linux Distros Unpatched Vulnerability : CVE-2022-40299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Singular before 4.3.1, a predictable /tmp pathname is used e.g., by sdb.cc, which allows local users to gain the privileges of other users via a procedure in...
Linux Distros Unpatched Vulnerability : CVE-2024-45751
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tgt aka Linux target framework before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of...
Linux Distros Unpatched Vulnerability : CVE-2013-4441
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force...
Linux Distros Unpatched Vulnerability : CVE-2025-40924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple...
CVE-2025-20613
Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel® TDX may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2025-7773
A security issue exists within the 5032 16pt Digital Configurable module’s web server. The web server’s session number increments at an interval that correlates to the last two consecutive sign in session interval, making it predictable...
PT-2025-33283 · Unknown · Armorblock 5000 +1
Name of the Vulnerable Software and Affected Versions: ArmorBlock 5000 affected versions not specified Description: A security issue exists within the 5032 16pt Digital Configurable module’s web server. The web server’s session number increments at an interval that correlates to the last two...
CVE-2025-20613
CVE-2025-20613 affects Intel® TDX firmware. A predictable seed in the firmware PRNG may allow an authenticated local user to cause information disclosure. Intel lists Intel® TDX firmware vulnerabilities and provides firmware updates as the mitigation; affected Intel Xeon® processors prior to upda...