30 matches found
CVE-2009-4602
Cross-site scripting (XSS) vulnerability in the Randomizer module 5.x through 5.x-1.0 and 6.x through 6.x-1.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
EUVD-2009-4568
Malware in sbrugna...
EUVD-2007-2625
Malware in sbrugna...
EUVD-2014-6692
Malware in sbrugna...
MAL-2025-4512 Malicious code in super-randomizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 46a7beb67969c60a902fa65a47d6bd880c7de7d3d731f2cc6362efeddf2849ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in super-randomizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 46a7beb67969c60a902fa65a47d6bd880c7de7d3d731f2cc6362efeddf2849ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Adding a randomizer to a collection should be mandatory
Lines of code. Vulnerability details. Impact: The minting process will be broken. Proof of Concept: In the current setup, a randomizer contract can be associated with each collection, and it plays a crucial role in generating a random value for token uniqueness during the minting process. Here's a...
WordPress SEO Content Randomizer Plugin < 3.28.1 is vulnerable to Cross Site Scripting (XSS)
Software: SEO Content Randomizer; Type: Plugin; Vulnerable versions: < 3.28.1; Fixed in: 3.28.1; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: f3735b8f77bc; Credits: Rafie Muhammad Patchstack...
Canonical Landscape security features vulnerability
Canonical Landscape is a system administration tool from Canonical UK. A security vulnerability exists in Canonical Landscape that stems from the use of a weak pseudo-randomizer to generate insecure landscape encryption keys...
OpenVPN security features vulnerability
OpenVPN is a software package for creating encrypted tunnels for virtual private networks (VPNs) from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows created VPNs to be authenticated using a public key, e-certificate, or username/password. A...
WordPress WooCommerce SEO Content Randomizer Addon plugin <= 1.2.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress WooCommerce SEO Content Randomizer Addon plugin (versions <= 1.2.0). Solution: Update the WordPress WooCommerce SEO Content Randomizer Addon plugin to the latest available version (at least 1.2.2)...
WordPress WooCommerce SEO Content Randomizer Addon plugin <= 1.2.0 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce SEO Content Randomizer Addon plugin (versions <= 1.2.0). Solution: Update the WordPress WooCommerce SEO Content Randomizer Addon plugin to the latest available version (at least 1.2.2)...
WordPress SEO Content Randomizer plugin <= 3.26.0 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress SEO Content Randomizer plugin (versions <= 3.26.0). Solution: Update the WordPress SEO Content Randomizer plugin to the latest available version (at least 3.27.0)...
WordPress SEO Content Randomizer plugin <= 3.26.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress SEO Content Randomizer plugin (versions <= 3.26.0). Solution: Update the WordPress SEO Content Randomizer plugin to the latest available version (at least 3.27.0)...
Vulnerabilities fixed in NetBSD
Vulnerabilities have been fixed in NetBSD's IP stack. Because the randomizer for IP packet ID is not turned on by default, and the randomizer is not random enough when it is enabled, a malicious party can analyze the IP traffic and possibly gain access to sensitive data via a man-in-the-middle...
Run HTTP Flood DDoS Attacks: Wreckuests
Stress Testing: Run HTTP Flood DDoS Attacks. Wreckuests is a script that allows you to run DDoS attacks with HTTP flood (GET/POST). It's written in pure Python and uses proxy servers as “bots”. This script is published for educational purposes only! Features: Cache bypass with random ?abcd=efg...
CVE-2014-6814
The Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6814
The Sentinels Randomizer (aka com.mikehipps.sentinelsrandomizer) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6814
The CVE-2014-6814 entry concerns the Android app Sentinels Randomizer (com.mikehipps.sentinelsrandomizer) version 1.1.0, which does not verify X.509 certificates when connecting to SSL servers. This misconfiguration allows man‑in‑the‑middle attackers to spoof servers and obtain sensitive informat...