Lucene search
K

1305 matches found

OSV
OSV
added 2025/04/15 12:26 p.m.4 views

CLSA-2025-1744719966 Fix CVE(s): CVE-2020-10729

SECURITY UPDATE: insufficiently random password generation vulnerability - debian/patches/CVE-2020-10729.patch: Fix issue with caching Jinja2 expressions, only cache results of single variable names - CVE-2020-10729...

5.5CVSS7.3AI score0.00435EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.3 views

PT-2025-16552 · Delta Electronics · Commgr

Name of the Vulnerable Software and Affected Versions: Delta Electronics COMMGR versions 1 through 2 Description: The issue is related to insufficiently randomized values used to generate session IDs, which could allow an attacker to brute force a session ID and potentially load and execute...

10CVSS7AI score0.00624EPSS
Exploits0References12
OSV
OSV
added 2025/04/05 4:15 p.m.3 views

UBUNTU-CVE-2024-57868

Web::API 2.8 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Web::API uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random...

5.5CVSS5.8AI score0.00259EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/04/05 12:0 a.m.4 views

MetaCPAN WebService::Xero 安全漏洞

MetaCPAN WebService::Xero is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN WebService::Xero version 0.11 and earlier that stems from the use of an insecure random number generator...

5.5CVSS6.7AI score0.00255EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/04/05 12:0 a.m.3 views

PT-2025-15066 · Unknown +1 · Amon2::Auth::Site::Line +2

Name of the Vulnerable Software and Affected Versions: Amon2::Auth::Site::LINE versions up to 0.04 Description: The issue concerns the use of a predictable random number generator. Amon2::Auth::Site::LINE utilizes the String::Random module to generate nonce values, which defaults to Perl's built-...

5.5CVSS6.9AI score0.00245EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/04/05 12:0 a.m.5 views

MetaCPAN Web::API 安全漏洞

MetaCPAN Web::API is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN Web::API version 2.8 and earlier that stems from the use of an insecure random number generator...

5.5CVSS6.5AI score0.00259EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/04 9:19 p.m.8 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to the use of insufficiently random values in Golang (CVE-2022-30629)

Summary Golang is used by IBM Storage Fusion Data Foundation as part of the operator's intrinsic functionality. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2022-30629. Vulnerability Details CVEID:CVE-2022-30629 DESCRIPTION:...

3.1CVSS6.5AI score0.0088EPSS
Exploits1Affected Software1
CNNVD
CNNVD
added 2025/04/02 12:0 a.m.6 views

MetaCPAN Crypt::Salt 安全特征问题漏洞

MetaCPAN Crypt::Salt is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN Crypt::Salt version 0.01, which stems from the use of an insecure rand function when generating cryptographic salts...

5.3CVSS6.8AI score0.0041EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.8 views

PT-2025-14484 · Unknown · Crypt::Salt

Name of the Vulnerable Software and Affected Versions: Crypt::Salt for Perl version 0.01 Description: The issue concerns the use of an insecure rand function when generating salts for cryptographic purposes. This could potentially lead to weaknesses in the cryptographic mechanisms that rely on...

5.3CVSS6.9AI score0.0041EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/03/26 12:0 a.m.3 views

MetaCPAN DBIx::Class::EncodedColumn 安全漏洞

MetaCPAN DBIx::Class::EncodedColumn is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN DBIx::Class::EncodedColumn versions prior to 0.00032, which stems from the use of a non-cryptographically secure rand function for password hash salting...

4CVSS4.8AI score0.0011EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/26 12:0 a.m.1 views

MetaCPAN DBIx::Class::EncodedColumn 安全漏洞

MetaCPAN DBIx::Class::EncodedColumn is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN DBIx::Class::EncodedColumn versions prior to 0.00032, which stems from the use of a non-cryptographically secure rand function for password hash salting...

4CVSS4.8AI score0.0011EPSS
Exploits0References2
OSV
OSV
added 2025/03/24 4:15 p.m.1 views

CVE-2021-26091

A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer parts of users authentication tokens and reset thei...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/03/12 5:9 a.m.3 views

SUSE CVE-2025-1828

Crypt::Random Perl package 1.05 through 1.55 may use rand function, which is not cryptographically strong, for cryptographic functions. If the Provider is not specified and /dev/urandom or an Entropy Gathering Daemon egd service is not available Crypt::Random will default to use the insecure...

8.8CVSS6.8AI score0.00376EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/03/08 6:10 a.m.6 views

CVE-2025-20908

Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting...

6.5CVSS6.8AI score0.00267EPSS
Exploits0References1
OSV
OSV
added 2025/03/06 5:15 a.m.9 views

CVE-2025-20908

Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting...

6.5CVSS5.8AI score0.00267EPSS
Exploits0References1
NVD
NVD
added 2025/03/06 5:15 a.m.5 views

CVE-2025-20908

Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting...

6.5CVSS0.00267EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/06 5:4 a.m.6 views

CVE-2025-20908

Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting...

6.5CVSS7.1AI score0.00267EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/06 12:0 a.m.5 views

PT-2025-9879

Name of the Vulnerable Software and Affected Versions Auracast versions prior to SMR Mar-2025 Release 1 Description The issue arises from the use of insufficiently random values in Auracast, allowing adjacent attackers to access Auracast broadcasting. Recommendations For versions prior to SMR...

6.5CVSS5.4AI score0.00267EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-48629

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - ensure buffer for generate is completely filled The generate function in...

5.5CVSS6.3AI score0.00378EPSS
Exploits1References2
OSV
OSV
added 2025/03/04 8:15 p.m.6 views

CVE-2025-1953

A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file pkg/plugins/gateway/prefixcacheindexer/hash.go of the component Prefix Caching. The manipulation leads to insufficiently random values. The...

2.1CVSS4.2AI score0.00278EPSS
Exploits0References7
Rows per page
Query Builder