CVE-2026-47372 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

UBUNTU-CVE-2026-8700

Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...

PT-2026-41376

Name of the Vulnerable Software and Affected Versions Crypt::DSA versions prior to 1.20 Description Seeds are generated using the built-in rand function in Perl, which is predictable and unsuitable for security purposes. Recommendations Update to version 1.20 or later...

WebDyne::Session 安全特征问题漏洞

WebDyne::Session is a server-side component developed by ASPEER’s individual developers, used for session management in web applications. Versions of WebDyne::Session 2.075 and earlier contained security vulnerabilities. These vulnerabilities stemmed from insecure session ID generation. The sessi...

CVE-2026-5080

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

CVE-2026-5085

Solstice::Session versions through 1440 for Perl generates session ids insecurely. The generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand function and the process id. The same method is used in the generateID method in...

CVE-2025-15578

Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely. The session id is seeded with the system time which is available from HTTP response headers, a call to the built-in rand function, and the PID...

MetaCPAN WWW::OAuth 安全漏洞

MetaCPAN WWW::OAuth is a Perl authentication library developed by the MetaCPAN Foundation. Versions of MetaCPAN WWW::OAuth 1.000 and earlier contained a security vulnerability. This vulnerability stemmed from using the rand function as the default entropy source for encryption functions, which is...

CVE-2025-40905 WWW::OAuth 1.000 and earlier for Perl uses insecure rand() function for cryptographic functions

WWW::OAuth 1.000 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions...

EUVD-2025-201876

WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword to create passwords using PHP's rand. rand is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege...

EUVD-2009-4294

Malware in sbrugna...

EUVD-2002-1494

Malware in sbrugna...

EUVD-2024-54366

Malicious code in bioql PyPI...

EUVD-2025-13365

Malicious code in bioql PyPI...

EUVD-2024-54369

Malicious code in bioql PyPI...

EUVD-2022-4985

Malicious code in bioql PyPI...

EUVD-2025-10846

Malicious code in bioql PyPI...

EUVD-2025-8533

Malicious code in bioql PyPI...

EUVD-2025-7415

Malicious code in bioql PyPI...

EUVD-2025-8117

Malicious code in bioql PyPI...