3054 matches found
CVE-2025-32874
An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A vulnerability exists in the EncryptionUtil class because symmetric encryption is implemented in a deterministic and non-randomized fashion. The method Encryptbyte clearData derives both the encryption key and...
PT-2025-30102
Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description The OpenSSL compatibility layer implementation had an issue with the RAND poll function, potentially leading to predictable values returned from RAND bytes after a fork call. This could resul...
CVE-2025-40924
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...
DEBIAN-CVE-2025-40924
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...
CVE-2025-40924 Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...
CVE-2025-40924 Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...
SUSE CVE-2025-40923
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...
DEBIAN-CVE-2025-40923
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...
CVE-2025-40923
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...
CVE-2025-32874
An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A vulnerability exists in the EncryptionUtil class because symmetric encryption is implemented in a deterministic and non-randomized fashion. The method Encryptbyte clearData derives both the encryption key and...
CVE-2025-32874
An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A vulnerability exists in the EncryptionUtil class because symmetric encryption is implemented in a deterministic and non-randomized fashion. The method Encryptbyte clearData derives both the encryption key and...
CVE-2025-32874
CVE-2025-32874 affects Kaseya Rapid Fire Tools Network Detective up to version 2.0.16.0. The issue is in the EncryptionUtil class where symmetric encryption is implemented deterministically; the key and IV are derived from a fixed, hardcoded input using a static salt. As a result, identical plain...
The vulnerability of the cross-platform software development framework Qt, related to a predictable initial number in the pseudorandom number generator, allows a hacker to bypass authentication.
The vulnerability of the cross-platform software development framework Qt is related to a predictable initial number in the pseudorandom number generator. Exploiting this vulnerability can allow an attacker to bypass authentication...
socat: arbitrary file overwrite via predictable /tmp directory
A flaw was found in the readline.sh script of Socat through version 1.8.0.1. This vulnerability can allow attackers to exploit improper use of a predictable temporary file...
Moderate: socat security update
The socat utility establishes bi-directional byte streams and transfers data between them. The utility can establish streams between a large set of channels, such as files, pipes, devices, and sockets. Security Fixes: socat: arbitrary file overwrite via predictable /tmp directory CVE-2024-54661 F...
socat: arbitrary file overwrite via predictable /tmp directory
A flaw was found in the readline.sh script of Socat through version 1.8.0.1. This vulnerability can allow attackers to exploit improper use of a predictable temporary file...
socat: arbitrary file overwrite via predictable /tmp directory
A flaw was found in the readline.sh script of Socat through version 1.8.0.1. This vulnerability can allow attackers to exploit improper use of a predictable temporary file...
socat: arbitrary file overwrite via predictable /tmp directory
A flaw was found in the readline.sh script of Socat through version 1.8.0.1. This vulnerability can allow attackers to exploit improper use of a predictable temporary file...
WordPress plugin Contact Form by Bit Form 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. An information disclosure vulnerabili...
CVE-2015-0849
pycode-browser before version 1.0 is prone to a predictable temporary file vulnerability...