Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-13199

EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the...

5.1CVSS5.9AI score0.00119EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:21 a.m.10 views

CVE-2023-42820

JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local...

8.2CVSS6.9AI score0.05404EPSS
Exploits4
NVD
NVD
added 2023/09/27 3:19 p.m.34 views

CVE-2023-42820

JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local...

8.2CVSS7.4AI score0.05404EPSS
Exploits4References2
Prion
Prion
added 2023/09/27 3:19 p.m.25 views

Design/Logic Flaw

JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local...

6.4CVSS8.2AI score0.05404EPSS
Exploits4References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/09/27 12:0 a.m.130 views

CVE-2023-42820

JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local...

8.2CVSS6.9AI score0.05404EPSS
In wildExploits4References3
Cvelist
Cvelist
added 2023/09/26 8:35 p.m.33 views

CVE-2023-42820 Random seed leakage in Jumpserver

JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local...

7CVSS8.5AI score0.05404EPSS
Exploits4References2
OSV
OSV
added 2023/09/26 8:35 p.m.21 views

CVE-2023-42820 Random seed leakage in Jumpserver

JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local...

7CVSS7.9AI score0.05404EPSS
Exploits4References4
Github Security Blog
Github Security Blog
added 2022/09/20 8:45 p.m.31 views

Fastly Compute@Edge JS Runtime has fixed random number seed during compilation

Impact Math.random and crypto.getRandomValues methods failed to use sufficiently random values. The initial value to seed the CSPRNG cryptographically secure pseudorandom number generator was baked-in to the final WebAssembly module meaning the sequence of numbers generated was predictable for th...

7.5CVSS7.1AI score0.00773EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder