94 matches found
CVE-2026-46473
Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...
CVE-2026-47372 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts
Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...
UBUNTU-CVE-2026-8700
Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...
PT-2026-41376
Name of the Vulnerable Software and Affected Versions Crypt::DSA versions prior to 1.20 Description Seeds are generated using the built-in rand function in Perl, which is predictable and unsuitable for security purposes. Recommendations Update to version 1.20 or later...
WebDyne::Session 安全特征问题漏洞
WebDyne::Session is a server-side component developed by ASPEER’s individual developers, used for session management in web applications. Versions of WebDyne::Session 2.075 and earlier contained security vulnerabilities. These vulnerabilities stemmed from insecure session ID generation. The sessi...
CVE-2026-5080
Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...
CVE-2026-5085
Solstice::Session versions through 1440 for Perl generates session ids insecurely. The generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand function and the process id. The same method is used in the generateID method in...
CVE-2025-15578
Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely. The session id is seeded with the system time which is available from HTTP response headers, a call to the built-in rand function, and the PID...
MetaCPAN WWW::OAuth 安全漏洞
MetaCPAN WWW::OAuth is a Perl authentication library developed by the MetaCPAN Foundation. Versions of MetaCPAN WWW::OAuth 1.000 and earlier contained a security vulnerability. This vulnerability stemmed from using the rand function as the default entropy source for encryption functions, which is...
CVE-2025-40905 WWW::OAuth 1.000 and earlier for Perl uses insecure rand() function for cryptographic functions
WWW::OAuth 1.000 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions...
EUVD-2025-201876
WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword to create passwords using PHP's rand. rand is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege...
EUVD-2002-1494
Malware in sbrugna...
EUVD-2009-4294
Malware in sbrugna...
EUVD-2024-54369
Malicious code in bioql PyPI...
EUVD-2025-8117
Malicious code in bioql PyPI...
EUVD-2024-54366
Malicious code in bioql PyPI...
EUVD-2025-8533
Malicious code in bioql PyPI...
EUVD-2022-4985
Malicious code in bioql PyPI...
EUVD-2025-13365
Malicious code in bioql PyPI...
EUVD-2025-10846
Malicious code in bioql PyPI...