Lucene search
+L

1582 matches found

CNNVD
CNNVD
added 2026/03/21 12:0 a.m.10 views

WordPress plugin Lobot Slider Administrator 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.4 views

EulerOS Virtualization 2.13.1 : bind (EulerOS-SA-2026-1633)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker ...

8.6CVSS6.9AI score0.00509EPSS
Exploits1References3
OSV
OSV
added 2026/03/16 2:3 p.m.23 views

USN-8095-1 linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.8AI score0.00519EPSS
Exploits7References425
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.9 views

WordPress plugin wpDiscuz 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

8.7CVSS5.8AI score0.00524EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.9 views

WordPress plugin wpDiscuz 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.4CVSS5.7AI score0.00153EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.8 views

WordPress plugin wpDiscuz 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

8.7CVSS5.8AI score0.00976EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/06 10:8 p.m.12 views

CoreDNS Loop Detection Denial of Service Vulnerability

Executive Summary A Denial of Service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable pseudo-random number generator PRNG for generating a secret...

7.5CVSS5.7AI score0.01093EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2026/03/06 7:0 p.m.3 views

Predictable Seed in Pseudo-Random Number Generator (PRNG)

Overview Affected versions of this package are vulnerable to Predictable Seed in Pseudo-Random Number Generator PRNG in the loop plugin during self-test on server startup. An attacker can cause the DNS server to crash by sending specially crafted DNS queries that exploit the use of a predictable...

8.2CVSS5.8AI score0.01093EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/06 3:35 p.m.2 views

CVE-2026-26018 CoreDNS Loop Detection Denial of Service Vulnerability

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable...

7.5CVSS5.7AI score0.01093EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.9 views

PT-2026-23722

Name of the Vulnerable Software and Affected Versions CoreDNS versions prior to 1.14.2 Description CoreDNS is a DNS server that utilizes chained plugins. A denial of service condition exists in the loop detection plugin due to a predictable pseudo-random number generator PRNG used for generating ...

9.9CVSS5.8AI score0.02054EPSS
Exploits18References218
OSV
OSV
added 2026/03/05 3:15 a.m.9 views

CVE-2024-57854

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

9.1CVSS5.8AI score0.00409EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/05 2:18 a.m.32 views

CVE-2024-57854 Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

0.00409EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.11 views

PT-2026-23125

Name of the Vulnerable Software and Affected Versions Net::NSCA::Client versions through 0.009002 Description Net::NSCA::Client for Perl utilizes an inadequate random number generator. Version 0.003 transitioned to using Data::Rand::Obscure instead of Crypt::Random for generating initialization...

9.1CVSS5.8AI score0.00409EPSS
Exploits0References9
OSV
OSV
added 2026/03/04 12:0 p.m.5 views

RUSTSEC-2026-0075 All-Zero Key Generation on Catastrophic RNG Failure

The libcrux-ed25519 key generation samples Ed25519 secret keys from a provided CSPRNG in a loop for up to 100 attempts until a non-zero key is found. If a non-zero key could not be sampled within 100 attempts the key generation function would silently continue with an all-zero buffer as the secre...

8.2CVSS5.9AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/02 12:28 a.m.10 views

SUSE CVE-2025-40932

Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will...

8.2CVSS5.7AI score0.002EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/27 9:31 p.m.13 views

EUVD-2026-9063

HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand function. The HTTP::Session2 session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epo...

5.9AI score0.00418EPSS
Exploits0References5
NVD
NVD
added 2026/02/27 8:21 p.m.9 views

CVE-2026-3255

HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand function. The HTTP::Session2 session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epo...

6.5CVSS0.00418EPSS
Exploits0References5
OSV
OSV
added 2026/02/27 8:12 p.m.7 views

CVE-2026-3255 HTTP::Session2 versions before 1.12 for Perl may generate weak session ids using the rand() function

HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand function. The HTTP::Session2 session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epo...

6.5CVSS5.9AI score0.00418EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/02/27 12:0 a.m.7 views

CVE-2025-40932

Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will...

8.2CVSS5.8AI score0.002EPSS
Exploits0References3
OSV
OSV
added 2026/02/24 11:20 a.m.17 views

USN-8029-3 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

7.8CVSS6.5AI score0.00519EPSS
Exploits4References368
Rows per page
Query Builder