Lucene search
+L

328 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:2 a.m.8 views

CVE-2023-27987

In Apache Linkis =1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules should add random values. We recommend users upgrade the version of Linkis to version 1.3.2 And modify t...

9.1CVSS6.8AI score0.00811EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:26 p.m.12 views

CVE-2022-23138

ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values, the security of the device is reduced, and it may face the risk of attack...

7.5CVSS7AI score0.00872EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:24 a.m.12 views

CVE-2013-5180

The srandomdev function in Libc in Apple Mac OS X before 10.9, when the kernel random-number generator is unavailable, produces predictable values instead of the intended random values, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveragi...

4.3CVSS6.2AI score0.01086EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/06 5:4 a.m.14 views

CVE-2025-20908

Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting...

6.5CVSS0.00267EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/06 12:0 a.m.5 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from insufficient random values and could lead to an adjacent attacker accessin...

6.5CVSS6.5AI score0.00267EPSS
Exploits0References2
NVD
NVD
added 2025/03/04 8:15 p.m.4 views

CVE-2025-1953

A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file pkg/plugins/gateway/prefixcacheindexer/hash.go of the component Prefix Caching. The manipulation leads to insufficiently random values. The...

2.6CVSS0.00248EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/03/04 8:0 p.m.6 views

CVE-2025-1953 vLLM AIBrix Prefix Caching hash.go random values

A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file pkg/plugins/gateway/prefixcacheindexer/hash.go of the component Prefix Caching. The manipulation leads to insufficiently random values. The...

2.6CVSS4.2AI score0.00248EPSS
Exploits0References7
CVE
CVE
added 2025/03/04 8:0 p.m.55 views

CVE-2025-1953

CVE-2025-1953 affects vLLM AIBrix 0.2.0. The issue resides in the Prefix Caching component, specifically file pkg/plugins/gateway/prefixcacheindexer/hash.go, where manipulation leads to insufficiently random values. Public documents describe the vulnerability as having a high attack complexity an...

2.6CVSS6.9AI score0.00248EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/02/18 12:0 a.m.24 views

AlmaLinux 8 : nodejs:22 (ALSA-2025:1611)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:1611 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs: GOAW...

7.7CVSS6.5AI score0.01327EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/02/17 7:21 p.m.20 views

Important: Red Hat Security Advisory: nodejs:22 security update

An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.7CVSS6.7AI score0.01327EPSS
Exploits0References4
OSV
OSV
added 2025/02/17 12:0 a.m.15 views

ALSA-2025:1611 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083...

7.7CVSS6.1AI score0.01327EPSS
Exploits0References8
OSV
OSV
added 2025/02/13 8:35 p.m.17 views

RLSA-2025:1443 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083...

7.7CVSS6.3AI score0.01327EPSS
Exploits0References4
OSV
OSV
added 2025/02/13 8:35 p.m.23 views

RLSA-2025:1446 Moderate: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap CVE-2025-23085 For mor...

6.8CVSS6.2AI score0.01327EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2025/02/13 8:35 p.m.8 views

nodejs:18 security update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

6.8CVSS6.8AI score0.01327EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/02/13 4:3 p.m.17 views

Moderate: Red Hat Security Advisory: nodejs:18 security update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.8CVSS6.6AI score0.01327EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/02/13 3:42 p.m.8 views

undici: Undici Uses Insufficiently Random Values

A flaw was found in the undici package for Node.js. Undici uses Math.random to choose the boundary for a multipart/form-data request. It is known that the output of Math.random can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests t...

6.8CVSS7.3AI score0.00736EPSS
Exploits0References11
Redos
Redos
added 2025/02/13 12:0 a.m.81 views

ROS-20250212-13

Vulnerability in the ntpd daemon implementation of the NTP time synchronization protocol is related to insufficient validation of user input during NTP packet processing. user input during NTP packet processing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

7.5CVSS6.9AI score0.04071EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/02/12 3:32 p.m.17 views

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.7CVSS6.7AI score0.01327EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.10 views

RHEL 8 : nodejs:20 (RHSA-2025:1351)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1351 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

7.7CVSS6.6AI score0.01327EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/01/30 12:0 a.m.6 views

Wiesemann & Theis ComServer Use of Insufficiently Random Values (CVE-2022-42787)

Multiple W&T products of the Comserver Series use a small number space for allocating sessions ids. After login of an user an unathenticated remote attacker can brute force the users session id and get access to his account on the the device. As the user needs to log in for the attack to be...

8.8CVSS7.9AI score0.00734EPSS
Exploits0References2
Rows per page
Query Builder