Lucene search
+L

328 matches found

CVE
CVE
added 2015/11/17 3:0 p.m.85 views

CVE-2015-5276

CVE-2015-5276 : The std::random_device class in libstdc++ (GCC) before 4.9.4 does not properly handle short reads from blocking sources, which could allow context-dependent attackers to predict random values via unspecified vectors. Affected: GCC/libstdc++ prior to 4.9.4. Root cause: inadequate h...

5CVSS7.5AI score0.02941EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/11/17 3:0 p.m.31 views

CVE-2015-5276

The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors...

8.3AI score0.02941EPSS
Exploits0References5
Prion
Prion
added 2014/07/11 2:55 p.m.17 views

Default credentials

Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack...

5CVSS7.3AI score0.05974EPSS
Exploits0References4Affected Software1
OwnCloud
OwnCloud
added 2012/08/10 5:4 p.m.64 views

Insufficiently random values - ownCloud

The rand and mtrand functions in PHP 5.4.x do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in ownCloud 4.0.x...

5.1CVSS6.2AI score0.03013EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2011/01/28 4:0 p.m.29 views

CVE-2010-4568

Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2 does not properly generate random values for cookies and tokens, which allows remote attackers to obtain access to arbitrary accounts via unspecified vectors,...

7.5CVSS6AI score0.02531EPSS
Exploits0References1
Cvelist
Cvelist
added 2011/01/28 3:0 p.m.30 views

CVE-2010-4568

Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2 does not properly generate random values for cookies and tokens, which allows remote attackers to obtain access to arbitrary accounts via unspecified vectors,...

6.5AI score0.02531EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.14 views

FreeBSD Security Advisory (FreeBSD-SA-07:09.random.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:09.random.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

2.1CVSS7AI score0.00328EPSS
Exploits1References1
Cvelist
Cvelist
added 2007/11/30 1:0 a.m.25 views

CVE-2007-6150

The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values...

6.4AI score0.00328EPSS
Exploits1References7
Rows per page
Query Builder