Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2026/03/28 9:33 p.m.2 views

EUVD-2025-209114

Amon2 versions before 6.17 for Perl use an insecure randomstring implementation for security functions. In versions 6.06 through 6.16, the randomstring function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes by concatenating a SHA-1 has...

5.8AI score0.00023EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/03/28 6:43 p.m.1 views

CVE-2025-15604 Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions

Amon2 versions before 6.17 for Perl use an insecure randomstring implementation for security functions. In versions 6.06 through 6.16, the randomstring function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes by concatenating a SHA-1 has...

5.8AI score0.00023EPSS
Exploits0References4
NVD
NVDadded 2024/09/25 5:15 p.m.6 views

CVE-2024-41708

An issue was discovered in AdaCore adawebservices 20.0 allows an attacker to escalate privileges and steal sessions via the RandomString function in the src/core/aws-utils.adb module...

7.5CVSS0.00108EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/09/25 12:0 a.m.12 views

CVE-2024-41708

An issue was discovered in AdaCore adawebservices 20.0 allows an attacker to escalate privileges and steal sessions via the RandomString function in the src/core/aws-utils.adb module...

7.1AI score0.00108EPSS
Exploits0References2
CVE
CVEadded 2024/09/25 12:0 a.m.50 views

CVE-2024-41708

CVE-2024-41708 — Ada Web Server (AdaCore ada_web_services 20.0) is affected by a cryptographic PRNG issue. The Fedora/OpenVAS/Nessus advisories describe that AWS.Utils.Random and AWS.Utils.Random_String relied on Ada.Numerics.Discrete_Random, which is not cryptographically secure, and that Random...

7.5CVSS7.2AI score0.00108EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/09/25 12:0 a.m.17 views

CVE-2024-41708

An issue was discovered in AdaCore adawebservices 20.0 allows an attacker to escalate privileges and steal sessions via the RandomString function in the src/core/aws-utils.adb module...

0.00108EPSS
Exploits0References2
Veracode
Veracodeadded 2017/07/26 3:4 a.m.20 views

Predictable Password Recovery

Moodle is vulnerable to predictable password recovery. The vulnerability exists because of not enough randomization of PHP mtrand function used in randomstring and complexrandomstring functions...

7.5CVSS7.6AI score0.00401EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCveadded 2016/02/22 5:59 a.m.19 views

CVE-2015-5267

lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 relies on the PHP mtrand function to implement the randomstring and complexrandomstring functions, which makes it easier for remote attackers to predict password-recovery tokens via a...

7.5CVSS7.2AI score0.00401EPSS
Exploits0References2
Rows per page
Query Builder