CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

246 matches found

NVD•added 2019/12/13 10:15 p.m.•14 views

CVE-2019-19794

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...

5.9CVSS6.6AI score0.00297EPSS

Exploits1References5

Cvelist•added 2019/12/13 9:46 p.m.•15 views

CVE-2019-19794

5.9AI score0.00297EPSS

Exploits1References5

Debian CVE•added 2019/12/13 9:46 p.m.•25 views

CVE-2019-19794

5.9CVSS6.8AI score0.00297EPSS

Exploits1

NVD•added 2019/09/26 2:15 a.m.•10 views

CVE-2015-9435

The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers...

9.8CVSS9.6AI score0.00515EPSS

Exploits0References2

Prion•added 2019/09/26 2:15 a.m.•9 views

Design/Logic Flaw

The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers...

7.5CVSS7.2AI score0.00515EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/09/26 1:14 a.m.•13 views

CVE-2015-9435

The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers...

9.7AI score0.00515EPSS

Exploits0References2

Positive Technologies•added 2019/05/09 12:0 a.m.•2 views

PT-2019-12525 · Matrix +2 · Matrix Sydent +3

Name of the Vulnerable Software and Affected Versions: Matrix Sydent versions prior to 1.0.3 Synapse versions prior to 0.99.3.1 Description: An issue was discovered that makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID due to mishandled random number...

9.8CVSS7.8AI score0.00773EPSS

Exploits0References29

Mageia•added 2019/05/07 9:38 p.m.•35 views

Updated putty/filezilla/wxgtk packages fix security vulnerability

A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification CVE-2019-9894. In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding CVE-2019-9895. Multiple...

9.8CVSS2.5AI score0.04291EPSS

Exploits0References5

Tenable Nessus•added 2019/04/25 12:0 a.m.•26 views

Debian DLA-1763-1 : putty security update

Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could potentially be re-used. For Debian 8 'Jessie', these problems have been fixed in version...

9.8CVSS8AI score0.04291EPSS

Exploits0References5

OpenVAS•added 2019/04/25 12:0 a.m.•68 views

Debian: Security Advisory (DLA-1763-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.04291EPSS

Exploits0References3

Debian•added 2019/04/24 9:25 p.m.•91 views

[SECURITY] [DLA 1763-1] putty security update

Package : putty Version : 0.63-10+deb8u2 CVE ID : CVE-2019-9894 CVE-2019-9897 CVE-2019-9898 Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could...

9.8CVSS9.7AI score0.04291EPSS

Exploits0

Ubuntu•added 2019/04/10 4:53 p.m.•168 views

USN-3944-1: wpa_supplicant and hostapd vulnerabilities

It was discovered that wpasupplicant and hostapd were vulnerable to a side channel attack against EAP-pwd. A remote attacker could possibly use this issue to recover certain passwords. CVE-2019-9495 Mathy Vanhoef discovered that wpasupplicant and hostapd incorrectly validated received scalar and...

8.1CVSS6.6AI score0.11468EPSS

Exploits0

OpenVAS•added 2019/04/06 12:0 a.m.•69 views

Debian: Security Advisory (DSA-4423-1)

9.8CVSS8.7AI score0.04291EPSS

Exploits0References4

Tenable Nessus•added 2019/04/04 12:0 a.m.•35 views

Debian DSA-4423-1 : putty - security update

Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could potentially be re-used. C Tenable Network Security, Inc. The descriptive text and package chec...

9.8CVSS8AI score0.04291EPSS

Exploits0References7

Debian•added 2019/04/03 7:46 p.m.•116 views

[SECURITY] [DSA 4423-1] putty security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4423-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 03, 2019 https://www.debian.org/security/faq -...

9.8CVSS9.7AI score0.04291EPSS

Exploits0

NVD•added 2019/03/21 4:1 p.m.•12 views

CVE-2019-9898

Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71...

9.8CVSS8.6AI score0.04291EPSS

Exploits0References11