22 matches found
cap-exploit-poc
cap-exploit-poc This repository contai...
EUVD-2026-17999
Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG)...
RockyLinux 9 : bind9.18 (RLSA-2025:21111)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21111 advisory. bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778) bind: Cache poisoning due to weak PRNG (CVE-2025-40780) bind: Resource exhaustion via...
Important: Red Hat Security Advisory: bind security update
An update for bind is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
RHEL 9 : bind (RHSA-2025:21110)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21110 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server named...
bind security update
9.16.23-31.0.1 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-31.2 - Replace downstream fixes with upstream changes 32:9.16.23-31.1 - Prevent cache poisoning due to weak PRNG CVE-2025-40780 - Address various spoofing attacks CVE-2025-40778...
RejSCore: Rejection Sampling Core for Multivariate-Based Public Key Cryptography
Post-quantum multivariate public key cryptography (MPKC) schemes resist quantum threats but require heavy operations, such as rejection sampling, which challenge resource-limited devices. Prior hardware designs have addressed various aspects of MPKC signature generation. However, rejection sampling...
EUVD-2025-35623
Sakai kernel-impl: predictable PRNG used to generate server‑side encryption key in EncryptionUtilityServiceImpl...
Lightweight Hybrid Block-Stream Cryptographic Algorithm for the Internet of Things
In this thesis, a novel lightweight hybrid encryption algorithm named SEPAR is proposed, featuring a 16-bit block length and a 128-bit initialization vector. The algorithm is designed specifically for application in Internet of Things (IoT) technology devices. The design concept of this algorithm i...
The vulnerability of the SSH client ssh-slave in Jenkins automation servers arises from errors in the code of the pseudorandom number generator used for generating host keys. This vulnerability allows an attacker to execute a “man-in-the-middle” type attack.
The vulnerability of the SSH client ssh-slave in Jenkins automation servers is related to errors in the code of the pseudorandom number generator used for generating host keys. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” type attack...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32 overflow in S3 ResumeCount. bsc1225889 CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffe...
SUSE-SU-2025:0503-1 Security update for ovmf
This update for ovmf fixes the following issues: - CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32 overflow in S3 ResumeCount. bsc1225889 - CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 - CVE-2023-45230:...
SUSE CVE-2024-36048
QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values...
Motorola MTM5000 Security Feature Issue Vulnerability
The Motorola MTM5000 is a mobile radio from Motorola, USA. The Motorola MTM5000 suffers from a security vulnerability that stems from the use of PRNG to generate TETRA authentication polls and the use of the tick count register as its only source of entropy, which can be exploited by an attacker ...
CVE-2022-48506
A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of...
PT-2023-15832 · Dominion Voting Systems · Imagecast Evolution +2
Name of the Vulnerable Software and Affected Versions: Democracy Suite versions 5.2, 5.4-NM, 5.5, 5.5-A, 5.5-B, 5.5-C, 5.5-D, 5.7-A, 5.10, 5.10A, 5.15 Description: A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanner...
The vulnerability of cloud-based software for creating and using Nextcloud storage solutions allows a hacker to gain unauthorized access to protected information.
The vulnerability of cloud-based software for creating and using Nextcloud storage solutions is related to errors in the code of the pseudorandom number generator. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the FortiMail IBE (Identity-Based Encryption) service of the FortiMail email protection system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the FortiMail IBE (Identity-Based Encryption) service of the FortiMail email protection system is related to errors in the code of the pseudorandom number generator. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected informatio...
Exploit for CVE-2017-3000
CVE-2017-3000 A full exploit of CVE-2017-3000...
The vulnerability of the OpenSSL library, which allows a hacker to bypass the cryptographic security measures
The vulnerability of the ssl3_client_hello function in the OpenSSL library is related to insufficient guarantees for the correct initialization of the pseudorandom number generator before the handshake process. Exploiting this vulnerability allows a malicious actor to bypass cryptographic security...