Lucene search
K

1576 matches found

CNNVD
CNNVD
added 2026/04/22 12:0 a.m.10 views

WordPress plugin Fast & Fancy Filter – 3F 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.0018EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.10 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013302)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013302 advisory. The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, a...

4.3CVSS6.8AI score0.05271EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/15 7:3 a.m.4 views

CVE-2026-5088 Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts

Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The makesalt and makesaltbcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simply...

5.8AI score0.00572EPSS
Exploits0References4
RustSec
RustSec
added 2026/04/09 12:0 p.m.28 views

Rand is unsound with a custom logger using `rand::rng()`

It has been reported by @lopopolo that the rand library is unsound i.e. that safe code using the public API can cause Undefined Behaviour when all the following conditions are met: - The log and threadrng features are enabled - A custom logger is defined - The custom logger accesses rand::rng...

5.7AI score
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.7 views

WordPress plugin Download Monitor 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.4CVSS5.7AI score0.00161EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.7 views

WordPress plugin Backup Migration 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00558EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/01 9:30 p.m.8 views

EUVD-2026-18001

An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator PRNG...

6.7CVSS5.9AI score0.00192EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/01 10:58 a.m.5 views

CVE-2025-15618

Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret key. Business::OnlinePayment::StoredTransaction generates a secret key by using a MD5 hash of a single call to the built-in rand function, which is unsuitable for cryptographic use. This key is...

9.1CVSS5.9AI score0.00328EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/04/01 12:0 a.m.6 views

CVE-2026-25835

Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator PRNG...

7.7CVSS5.9AI score0.0017EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.6 views

PT-2026-29217

Name of the Vulnerable Software and Affected Versions Business::OnlinePayment::StoredTransaction versions through 0.01 Description The software generates a secret key using an MD5 hash of a single call to the rand function, which is not suitable for cryptographic purposes. This key is used for...

9.1CVSS5.9AI score0.00328EPSS
Exploits0References8
OSV
OSV
added 2026/03/26 5:58 p.m.5 views

GHSA-434V-X5QV-PMH6 libcrux has All-Zero Key Generation Upon Catastrophic RNG Failure

The libcrux-ed25519 key generation samples Ed25519 secret keys from a provided CSPRNG in a loop for up to 100 attempts until a non-zero key is found. If a non-zero key could not be sampled within 100 attempts the key generation function would silently continue with an all-zero buffer as the secre...

8.2CVSS6AI score
Exploits0References3
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.15 views

WordPress plugin Xhanch - My Advanced Settings 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.10 views

WordPress plugin Redirect countdown 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.8 views

WordPress plugin e-shot form builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

5.3CVSS5.8AI score0.00231EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.9 views

WordPress plugin Lobot Slider Administrator 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.4 views

EulerOS Virtualization 2.13.1 : bind (EulerOS-SA-2026-1633)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker ...

8.6CVSS6.9AI score0.00509EPSS
Exploits1References3
OSV
OSV
added 2026/03/16 2:3 p.m.21 views

USN-8095-1 linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.8AI score0.00519EPSS
Exploits7References425
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.6 views

WordPress plugin wpDiscuz 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

8.7CVSS5.8AI score0.00976EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.9 views

WordPress plugin wpDiscuz 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

8.7CVSS5.8AI score0.00524EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.8 views

WordPress plugin wpDiscuz 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.4CVSS5.7AI score0.00153EPSS
Exploits0References3
Rows per page
Query Builder