7 matches found
PYSEC-2025-112
DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...
Use of Predictable Algorithm in Random Number Generator
Overview Affected versions of this package are vulnerable to Use of Predictable Algorithm in Random Number Generator via the RANDpoll function. An attacker can obtain predictable random values by invoking RANDbytes after a fork operation in affected applications. This is only exploitable if the...
openssl: Crash in ssleay_rand_bytes due to locking regression
A regression was found in the ssleayrandbytes function in the versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7. This regression could cause a multi-threaded application to crash...
The vulnerability of the OpenSSL library, which allows a hacker to trigger a service failure
The vulnerability of the ssleayrandbytes function in the OpenSSL library is related to buffer overflows in dynamic memory, caused by integer overflows. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by establishing multiple TLS sessions remotely...
OpenSSL 'ssleay_rand_bytes()' function denial of service vulnerability
OpenSSL is an open source implementation of SSL for strong encryption of network communications, and is now widely used in a variety of network applications. A security vulnerability in OpenSSL in Red Hat allows a remote attacker to send special data to a target multithreaded reference that uses...
openssl: Crash in ssleay_rand_bytes due to locking regression
A regression was found in the ssleayrandbytes function in the versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7. This regression could cause a multi-threaded application to crash...
MGASA-2014-0144 Updated stunnel package fixes security vulnerability
A flaw was found in the way stunnel, a socket wrapper which can provide SSL support to ordinary applications, performed reinitialization of PRNG after fork. When accepting a new connection, the server forks and the child process handles the request. The RANDbytes function of openssl doesn't reset...