351 matches found
CVE-2025-40905
WWW::OAuth 1.000 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions...
CVE-2025-40905
WWW::OAuth 1.000 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions...
MetaCPAN WWW::OAuth 安全漏洞
MetaCPAN WWW::OAuth is a Perl authentication library developed by the MetaCPAN Foundation. Versions of MetaCPAN WWW::OAuth 1.000 and earlier contained a security vulnerability. This vulnerability stemmed from using the rand function as the default entropy source for encryption functions, which is...
CVE-2025-40905
WWW::OAuth 1.000 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions...
CVE-2025-40905 WWW::OAuth 1.000 and earlier for Perl uses insecure rand() function for cryptographic functions
WWW::OAuth 1.000 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions...
CVE-2009-4326
The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature DPF is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicti...
EUVD-2026-0745
Malicious code in @nitaiapiiro/randemoji npm...
Malicious code in @nitaiapiiro/rand_emoji (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 686999eb6a9720383d59bbca502497c33b67e49cd4f21b0fd3eba33d9be8aefe The package @nitaiapiiro/randemoji was found to contain malicious code...
MAL-2026-8 Malicious code in @nitaiapiiro/rand_emoji (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 686999eb6a9720383d59bbca502497c33b67e49cd4f21b0fd3eba33d9be8aefe The package @nitaiapiiro/randemoji was found to contain malicious code...
CVE-2025-66565
Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, including the zero UUID...
EUVD-2025-201876
WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword to create passwords using PHP's rand. rand is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege...
RUSTSEC-2025-0124 rand_os crate is unmaintained
The randos crate is deprecated and no longer actively maintained, as OsRng is now part of randcore. If you are using this crate, consider upgrading to randcore 0.5.1 or higher...
PYSEC-2025-112
DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...
MGASA-2025-0279 Updated perl-Data-Entropy packages fix security vulnerability
Data::Entropy for Perl uses insecure rand function for cryptographic functions. CVE-2025-1860...
EUVD-2021-27007
Malware in sbrugna...
EUVD-2018-10107
Malware in sbrugna...
EUVD-2009-4294
Malware in sbrugna...
EUVD-2002-1494
Malware in sbrugna...
EUVD-2024-54366
Malicious code in bioql PyPI...
EUVD-2024-54369
Malicious code in bioql PyPI...