1305 matches found
CVE-2020-27630
In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random...
CVE-2020-27634
In Contiki 4.5, TCP ISNs are improperly random...
CVE-2020-27633
In FNET 4.6.3, TCP ISNs are improperly random...
CVE-2020-27213
An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers ISNs for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existin...
CVE-2020-27635
In PicoTCP 1.7.0, TCP ISNs are improperly random...
The vulnerability of the library for handling Bitcoin transactions and blocks in Libbitcoin Explorer (BX) allows a hacker to expose the protected information.
The vulnerability of the Libbitcoin Explorer BX for processing Bitcoin transactions and blocks is related to the use of a insecure random number generator program. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information...
The vulnerability of the PHP programming language, related to the use of insufficiently random values, allows attackers to gain access to confidential data.
The vulnerability of the PHP programming language lies in the use of a random number generator that operates within a narrow range of values. Exploiting this vulnerability can allow an attacker to gain access to confidential data...
Insecure Randomness
Amendment This was deemed not a vulnerability. Overview github.com/greenpau/caddy-security is a Security App and Plugin for Caddy v2. Affected versions of this package are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted via a brute-force search. Attackers could use the potentially predictable nonce value used for authentication purposes in th...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted via a brute-force search. Attackers could use the potentially predictable nonce value used for authentication purposes in th...
Important: php
Issue Overview: GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP NOTE: Fixed in 8.2.7, 8.1.20, 8.0.29 NOTE: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw NOTE:...
The vulnerability of the React Native Bluetooth Scan component of the Bluezone application, which allows a intruder to gain unauthorized access to protected information.
The vulnerability of the React Native Bluetooth Scan component of the Bluezone application’s software interface is related to the use of insufficiently random values. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the JNDI component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to access, modify, add, or delete data.
The vulnerability of the JNDI component of Oracle Java SE and the Oracle GraalVM Enterprise Edition virtual machine is related to the use of insufficiently random values. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data...
CVE-2023-39979
There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficient random values...
MOXA MXsecurity Security Feature Issue Vulnerability
MOXA MXsecurity is a management platform from China-based MOXA. that provides centralized visibility and security management to easily monitor and identify network threats and prevent security misconfigurations to create a robust threat defense. A security vulnerability exists in MOXA MXsecurity...
PKP Web Application Library Security Vulnerability
The PKP Web Application Library is a library shared by PKP's Open Journal System OJS, Open Conference System OCS, Open Monograph Press OMP, Open Preprint System OPS, and Open Harvester System OHS. A security vulnerability exists in the PKP Web Application Library prior to version 3.3.0-16, which...
RLSA-2023:4035 Important: nodejs:18 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: buffer overflow in configsortlist due to missing string length check...
nodejs:18 security update
An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
nodejs:16 security update
An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2023-4344
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection...