1305 matches found
CLSA-2025-1744719966 Fix CVE(s): CVE-2020-10729
SECURITY UPDATE: insufficiently random password generation vulnerability - debian/patches/CVE-2020-10729.patch: Fix issue with caching Jinja2 expressions, only cache results of single variable names - CVE-2020-10729...
PT-2025-16552 · Delta Electronics · Commgr
Name of the Vulnerable Software and Affected Versions: Delta Electronics COMMGR versions 1 through 2 Description: The issue is related to insufficiently randomized values used to generate session IDs, which could allow an attacker to brute force a session ID and potentially load and execute...
UBUNTU-CVE-2024-57868
Web::API 2.8 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Web::API uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random...
MetaCPAN WebService::Xero 安全漏洞
MetaCPAN WebService::Xero is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN WebService::Xero version 0.11 and earlier that stems from the use of an insecure random number generator...
PT-2025-15066 · Unknown +1 · Amon2::Auth::Site::Line +2
Name of the Vulnerable Software and Affected Versions: Amon2::Auth::Site::LINE versions up to 0.04 Description: The issue concerns the use of a predictable random number generator. Amon2::Auth::Site::LINE utilizes the String::Random module to generate nonce values, which defaults to Perl's built-...
MetaCPAN Web::API 安全漏洞
MetaCPAN Web::API is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN Web::API version 2.8 and earlier that stems from the use of an insecure random number generator...
Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to the use of insufficiently random values in Golang (CVE-2022-30629)
Summary Golang is used by IBM Storage Fusion Data Foundation as part of the operator's intrinsic functionality. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2022-30629. Vulnerability Details CVEID:CVE-2022-30629 DESCRIPTION:...
MetaCPAN Crypt::Salt 安全特征问题漏洞
MetaCPAN Crypt::Salt is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN Crypt::Salt version 0.01, which stems from the use of an insecure rand function when generating cryptographic salts...
PT-2025-14484 · Unknown · Crypt::Salt
Name of the Vulnerable Software and Affected Versions: Crypt::Salt for Perl version 0.01 Description: The issue concerns the use of an insecure rand function when generating salts for cryptographic purposes. This could potentially lead to weaknesses in the cryptographic mechanisms that rely on...
MetaCPAN DBIx::Class::EncodedColumn 安全漏洞
MetaCPAN DBIx::Class::EncodedColumn is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN DBIx::Class::EncodedColumn versions prior to 0.00032, which stems from the use of a non-cryptographically secure rand function for password hash salting...
MetaCPAN DBIx::Class::EncodedColumn 安全漏洞
MetaCPAN DBIx::Class::EncodedColumn is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN DBIx::Class::EncodedColumn versions prior to 0.00032, which stems from the use of a non-cryptographically secure rand function for password hash salting...
CVE-2021-26091
A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer parts of users authentication tokens and reset thei...
SUSE CVE-2025-1828
Crypt::Random Perl package 1.05 through 1.55 may use rand function, which is not cryptographically strong, for cryptographic functions. If the Provider is not specified and /dev/urandom or an Entropy Gathering Daemon egd service is not available Crypt::Random will default to use the insecure...
CVE-2025-20908
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting...
CVE-2025-20908
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting...
CVE-2025-20908
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting...
CVE-2025-20908
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting...
PT-2025-9879
Name of the Vulnerable Software and Affected Versions Auracast versions prior to SMR Mar-2025 Release 1 Description The issue arises from the use of insufficiently random values in Auracast, allowing adjacent attackers to access Auracast broadcasting. Recommendations For versions prior to SMR...
Linux Distros Unpatched Vulnerability : CVE-2022-48629
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - ensure buffer for generate is completely filled The generate function in...
CVE-2025-1953
A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file pkg/plugins/gateway/prefixcacheindexer/hash.go of the component Prefix Caching. The manipulation leads to insufficiently random values. The...