3054 matches found
PT-2024-36558 · Colpack +1 · Colpack +1
Name of the Vulnerable Software and Affected Versions: ColPack versions 1.0.10 through 9a7293a Description: The issue is related to the creation of predictable temporary files in ColPack, located under /tmp with names derived from an unseeded Random Number Generator RNG. This can lead to...
CVE-2024-55566
CVE-2024-55566 affects ColPack 1.0.10 through 9a7293a. A predictable temporary file in /tmp (name derived from an unseeded RNG) can lead to overwriting files or making ColPack graphing unavailable to other users. The provided documents do not specify the exact patched version; Fedora advisories n...
CVE-2024-55566
ColPack 1.0.10 through 9a7293a has a predictable temporary file located under /tmp with a name derived from an unseeded RNG. The impact can be overwriting files or making ColPack graphing unavailable to other users...
SUSE-SU-2024:4225-1 Security update for avahi
This update for avahi fixes the following issues: - CVE-2024-52616: Fixed Avahi Wide-Area DNS Predictable Transaction IDs bsc1233420...
CVE-2024-53702
Use of cryptographically weak pseudo-random number generator PRNG vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret...
Security update for avahi
This update for avahi fixes the following issues: CVE-2024-52616: Fixed Avahi Wide-Area DNS Predictable Transaction IDs bsc1233420 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
Inadequate Encryption Strength
github.com/apache/incubator-answer is vulnerable to Inadequate Encryption Strength. The vulnerability is due to the use of UUID v1 for token generation, which incorporates predictable elements like timestamps and node identifiers, allowing an attacker to predict or forge UUID tokens, potentially...
GO-2024-3287 Apache Answer: Predictable Authorization Token Using UUIDv1 in github.com/apache/incubator-answer
Apache Answer: Predictable Authorization Token Using UUIDv1 in github.com/apache/incubator-answer...
Apache Answer: Predictable Authorization Token Using UUIDv1
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...
GHSA-MR95-VFCF-FX9P Apache Answer: Predictable Authorization Token Using UUIDv1
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...
CVE-2024-45719 Apache Answer: Predictable Authorization Token Using UUIDv1
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...
CVE-2024-45719 Apache Answer: Predictable Authorization Token Using UUIDv1
Inadequate Encryption Strength vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.0. The ids generated using the UUID v1 version are to some extent not secure enough. It can cause the generated token to be predictable. Users are recommended to upgrade to version 1.4.1,...
Apache Answer 安全漏洞
Apache Answer is a community platform of the Apache USA Foundation. A security vulnerability exists in Apache Answer versions 1.4.0 and earlier, which stems from insufficient cryptographic strength and could result in the generation of tokens that are predictable...
CVE-2024-52616
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs...
CVE-2024-52616 Avahi: avahi wide-area dns predictable transaction ids
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs...
CVE-2024-52616
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs...
CVE-2024-52616
CVE-2024-52616 affects the Avahi-daemon. The vulnerability arises because DNS transaction IDs are initialized randomly only at startup and then incremented, making it possible for an attacker to predict IDs and perform DNS spoofing. The connected documents confirm the issue and reference the same...
CVE-2024-52616
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs...
CVE-2024-52616
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs...
PT-2024-35401 · Unknown +4 · Avahi-Daemon +4
Name of the Vulnerable Software and Affected Versions: Avahi-daemon affected versions not specified Description: A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior...