Lucene search
+L

1582 matches found

Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.16 views

PT-2026-45637

Memory Corruption when sending random number generator command with insufficient output buffer size...

6.7CVSS5.9AI score0.00079EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a buffer error vulnerability, which stems from insufficient output buffer size during the execution of random number generator commands, leading to memory corruption...

6.7CVSS5.9AI score0.00079EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 3:1 p.m.11 views

USN-8325-1 tgt vulnerability

It was discovered that tgt incorrectly tried to achieve entropy by calling rand without srand. An attacker could possibly use this issue to make tgt generate an identical sequence of challenges, resulting in authentication bypass...

5.9CVSS5.8AI score0.00547EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/05/27 3:1 p.m.18 views

USN-8325-1: tgt vulnerability

It was discovered that tgt incorrectly tried to achieve entropy by calling rand without srand. An attacker could possibly use this issue to make tgt generate an identical sequence of challenges, resulting in authentication bypass...

5.9CVSS5.8AI score0.00547EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:58 p.m.7 views

CVE-2026-46075

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new -read calls and flush the Atmel I2C workqueue before teardown to prevent a potential UAF if a queued callback runs while...

5.7AI score0.00129EPSS
Exploits0References7Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: hwrng: cavium – fixed the NULL pointer dereference issue in coccicheck. Fixed the following coccicheck warnings: ./drivers/char/hwrandom/cavium-rng-vf.c:182:17-20: Error: pdev is NULL, but it was dereferenced...

5.5CVSS6.3AI score0.00216EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: tpm: Added !tpmamdisrngdefective to the hwrngunregister call site The following crash was reported: 1950.279393 listdel corruption, ffff99560d485790-next is NULL 1950.279400 ------------ cut here ------------ 1950.279401 Kerne...

5.3AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Netfilter: Use getrandomu32 instead of prandom. This issue may occur when updating the per-cpu rndstate from a user context, i.e., the localout path. BUG: Using smpprocessorid in preemptible 00000000 code: nginx/2725. Caller is...

7.8CVSS6AI score0.0029EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in pgagent

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator was used when generating the directory name, which allows a local attacker to pre-create the directory a...

7.1CVSS6.2AI score0.00171EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

Apache::Session::Generate::SHA256 安全特征问题漏洞

Apache::Session::Generate::SHA256 is a session management module developed by the Apache Foundation. Versions of Apache::Session::Generate::SHA256 prior to 1.3.19 contained security vulnerabilities. These vulnerabilities stemmed from insecure session ID generation. The use of the built-in rand...

6.5CVSS5.7AI score0.00243EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/14 7:24 p.m.11 views

EUVD-2026-30381

Timing limitations of the HRNG in RS9116 when power save mode is enabled results in predictable values...

7.4CVSS5.8AI score0.00159EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 7:24 p.m.26 views

CVE-2026-3290

CVE-2026-3290 affects the HRNG in the RS9116. When power-save mode is enabled, timing limitations produce predictable random values, as described in the connected records. The CVSS 4.0 vector indicates high impact on confidentiality and integrity with adjacent access and no privileges, and passiv...

7.4CVSS5.8AI score0.00159EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.16 views

PT-2026-41021

Timing limitations of the HRNG in RS9116 when power save mode is enabled results in predictable values...

7.4CVSS5.8AI score0.00159EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:17 p.m.10 views

SUSE CVE-2022-48629

In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - ensure buffer for generate is completely filled The generate function in struct rngalg expects that the destination buffer is completely filled if the function returns 0. qcomrngread can run into a situation...

5.5CVSS6.1AI score0.00378EPSS
Exploits1References12
EUVD
EUVD
added 2026/05/08 3:31 p.m.13 views

EUVD-2026-28620

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: chacha: Zeroize permutedstate before it leaves scope Since the ChaCha permutation is invertible, the local variable 'permutedstate' is sufficient to compute the original 'state', and thus the key, even after the...

5.8AI score0.00425EPSS
Exploits0References9
OSV
OSV
added 2026/05/08 2:16 p.m.18 views

UBUNTU-CVE-2026-43336

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: chacha: Zeroize permutedstate before it leaves scope Since the ChaCha permutation is invertible, the local variable 'permutedstate' is sufficient to compute the original 'state', and thus the key, even after the...

7.5CVSS5.7AI score0.00425EPSS
Exploits0References11
EUVD
EUVD
added 2026/04/30 11:49 a.m.8 views

EUVD-2026-26369

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

5.9CVSS5.3AI score0.00374EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.6 views

PT-2026-36091

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand function to return a number between 0 and...

5.9CVSS5.3AI score0.00374EPSS
Exploits0References3
OSV
OSV
added 2026/04/27 8:35 p.m.24 views

JLSEC-2026-278

An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The suggested passwords depend deterministically on the time the second rclone was started. This limi...

7.5CVSS5.3AI score0.01336EPSS
Exploits1References4
OSV
OSV
added 2026/04/27 6:33 p.m.18 views

JLSEC-2026-215 OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include...

OpenSSL 1.1.1 introduced a rewritten random number generator RNG. This was intended to include protection in the event of a fork system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A...

5.3CVSS6.3AI score0.06232EPSS
Exploits0References25
Rows per page
Query Builder