DEBIAN-CVE-2026-8700

Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...

SUSE CVE-2026-25835

Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator PRNG...

ALPINE-CVE-2026-25835

Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator PRNG...

PT-2026-29585

Name of the Vulnerable Software and Affected Versions Mbed TLS versions prior to 3.6.6 TF-PSA-Crypto versions prior to 1.1.0 Description The software uses seeds incorrectly within a Pseudo-Random Number Generator PRNG. This can lead to predictable random number generation. Recommendations Update...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002322)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002322 advisory. The netgetrandomonce implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended...

Jumpserver Information Disclosure Vulnerability

Jumpserver is an open source bastion machine from Hangzhou Feizhiyun Information Technology Co. in China. JumpServer suffers from an information disclosure vulnerability caused by exposing random number seeds to the API, which could allow replay of randomly generated CAPTCHAs, leading to password...

PT-2022-10364 · Telenot · Telenot Compasx

Name of the Vulnerable Software and Affected Versions: Telenot CompasX versions prior to 32.0 Description: The issue is related to the use of a weak seed for random number generation, which leads to predictable AES keys used in NFC tags for local authorization of users. This may result in the tot...

CVE-2019-11495

In Couchbase Server 5.1.1, the cookie used for intra-node communication was not generated securely. Couchbase Server uses erlang:now to seed the PRNG which results in a small search space for potential random seeds that could then be used to brute force the cookie and execute code against a remot...

nodejs: Constant Hashtable Seeds vulnerability

It was found that Node.js was using a non-randomized seed when populating hash tables. An attacker, able to supply a large number of inputs, could send specially crafted entries to the Node.js application, maximizing hash collisions to trigger an excessive amount of CPU usage, resulting in a deni...

nodejs: Constant Hashtable Seeds vulnerability

It was found that Node.js was using a non-randomized seed when populating hash tables. An attacker, able to supply a large number of inputs, could send specially crafted entries to the Node.js application, maximizing hash collisions to trigger an excessive amount of CPU usage, resulting in a deni...

CVE-2014-7284

The netgetrandomonce implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by...

UBUNTU-CVE-2014-7284

The netgetrandomonce implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by...

Ubuntu: Security Advisory (USN-2290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2288-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2290-1 linux vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

USN-2288-1: Linux kernel (Trusty HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...