20 matches found
USN-8094-2: Linux kernel vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local...
MiracleLinux 9 : skopeo-1.11.2-0.1.el9 (AXSA:2023-5634:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5634:02 advisory. - golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717) - golang: crypto/tls: session tickets lack random...
CVE-2025-68313
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly signaling success...
CVE-2025-68313 x86/CPU/AMD: Add RDSEED fix for Zen5
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly signaling success...
PT-2025-51725
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The Linux kernel contains an issue with the RDSEED instruction on Zen5 processors, where 16-bit and 32-bit register output variants may return a random value of 0 at an inconsistent rate...
EUVD-2009-0490
Malware in sbrugna...
EUVD-2019-0437
Malware in sbrugna...
EUVD-2000-0444
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-4772
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An HTTP digest authentication nonce value was generated using rand() which could lead to predictable values. This vulnerability affects Firefox < 126. (CVE-2024-4772)...
CVE-2025-20908
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting...
Insufficient randomness in github.com/Masterminds/goutils
...
c-ares: Insufficient randomness in generation of DNS query IDs
A vulnerability was found in c-ares. When /dev/urandom or RtlGenRandom() are unavailable, c-ares will use rand() to generate random numbers used for DNS query IDs. This is not a CSPRNG, and it is also not seeded by srand(), so it will generate predictable output...
Insufficient randomness in generation of DNS query IDs in c-ares
...
Vulnerabilities fixed in NetBSD
The developers of NetBSD have fixed a number of vulnerabilities in NetBSD's IP stack. Because packet IDs are not randomly generated by default, a malicious party can predict the IP traffic, allowing the malicious party to launch a man-in-the-middle attack to obtain...
PT-2021-2231 · Contiki · Contiki
Name of the Vulnerable Software and Affected Versions: Contiki version 4.5 Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers (ISNs) in the Contiki OS uIP protocol stack implementation. This could allow a remote attacker to gain unauthorized access to...
CVE-2019-10064
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743...
UBUNTU-CVE-2019-10064
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743...
UBUNTU-CVE-2015-8867
The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified...
SSL Certificate High Level of Randomness Detected
Binary data 7111.pasl...
SSL Certificate High Level of Randomness Detected
Binary data 7109.pasl...