1305 matches found

NVD
added 2023/10/10 5:15 p.m. | 15 views

CVE-2020-27630

In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random...

CVSS 9.8 | AI score 9.6 | EPSS 0.01083
Exploits: 0 | References: 3
OSV
added 2023/10/10 5:15 p.m. | 2 views

CVE-2020-27634

In Contiki 4.5, TCP ISNs are improperly random...

CVSS 9.1 | AI score 5.8 | EPSS 0.01716
Exploits: 0 | References: 3
NVD
added 2023/10/10 5:15 p.m. | 18 views

CVE-2020-27633

In FNET 4.6.3, TCP ISNs are improperly random...

CVSS 9.1 | AI score 9.4 | EPSS 0.00871
Exploits: 0 | References: 3
OSV
added 2023/10/10 5:15 p.m. | 3 views

CVE-2020-27213

An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existin...

CVSS 7.5 | AI score 5.8 | EPSS 0.00973
Exploits: 1 | References: 4
Vulnrichment
added 2023/10/10 12:0 a.m. | 18 views

CVE-2020-27635

In PicoTCP 1.7.0, TCP ISNs are improperly random...

AI score 7.2 | EPSS 0.00871
Exploits: 0 | References: 3
BDU FSTEC
added 2023/09/28 12:0 a.m. | 7 views

The vulnerability of the library for handling Bitcoin transactions and blocks in Libbitcoin Explorer (BX) allows a hacker to expose the protected information.

The vulnerability of the Libbitcoin Explorer (BX) for processing Bitcoin transactions and blocks is related to the use of an insecure random number generator program. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information...

CVSS 7.8 | AI score 7.1 | EPSS 0.01312
Exploits: 1 | References: 7 | Affected Software: 1
BDU FSTEC
added 2023/09/21 12:0 a.m. | 3 views

The vulnerability of the PHP programming language, related to the use of insufficiently random values, allows attackers to gain access to confidential data.

The vulnerability of the PHP programming language lies in the use of a random number generator that operates within a narrow range of values. Exploiting this vulnerability can allow an attacker to gain access to confidential data...

CVSS 4.3 | AI score 5.9 | EPSS 0.00709
Exploits: 0 | References: 13 | Affected Software: 7
Snyk
added 2023/09/18 1:48 p.m. | 9 views

Insecure Randomness

Amendment: This was deemed not a vulnerability. Overview: github.com/greenpau/caddy-security is a Security App and Plugin for Caddy v2. Affected versions of this package are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted...

CVSS 9.8 | AI score 7.1 | EPSS 0.0068
Exploits: 0 | References: 2
Snyk
added 2023/09/18 1:48 p.m. | 2 views

Insecure Randomness

Overview: Affected versions of this package are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted via a brute-force search. Attackers could use the potentially predictable nonce value used for authentication purposes in th...

CVSS 9.8 | AI score 7.2 | EPSS 0.0068
Exploits: 0 | References: 2
Snyk
added 2023/09/18 1:48 p.m. | 2 views

Insecure Randomness

Overview: Affected versions of this package are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted via a brute-force search. Attackers could use the potentially predictable nonce value used for authentication purposes in th...

CVSS 9.8 | AI score 7.2 | EPSS 0.0068
Exploits: 0 | References: 2
Amazon
added 2023/09/13 12:0 a.m. | 6 views

Important: php

Issue Overview: GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP NOTE: Fixed in 8.2.7, 8.1.20, 8.0.29 NOTE: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw NOTE:...

CVSS 9.8 | AI score 7.1 | EPSS 0.08003
Exploits: 4
BDU FSTEC
added 2023/09/13 12:0 a.m. | 5 views

The vulnerability of the React Native Bluetooth Scan component of the Bluezone application, which allows an intruder to gain unauthorized access to protected information.

The vulnerability of the React Native Bluetooth Scan component of the Bluezone application’s software interface is related to the use of insufficiently random values. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

CVSS 6.5 | AI score 6.6 | EPSS 0.01432
Exploits: 1 | References: 8 | Affected Software: 1
BDU FSTEC
added 2023/09/06 12:0 a.m. | 6 views

The vulnerability of the JNDI component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to access, modify, add, or delete data.

The vulnerability of the JNDI component of Oracle Java SE and the Oracle GraalVM Enterprise Edition virtual machine is related to the use of insufficiently random values. Exploiting this vulnerability can allow an attacker, operating remotely, to access, modify, add, or delete data...

CVSS 3.7 | AI score 6.3 | EPSS 0.01401
Exploits: 0 | References: 15 | Affected Software: 5
OSV
added 2023/09/02 1:15 p.m. | 3 views

CVE-2023-39979

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficient random values...

CVSS 9.8 | AI score 5.8 | EPSS 0.0074
Exploits: 0 | References: 1
CNNVD
added 2023/09/02 12:0 a.m. | 3 views

MOXA MXsecurity Security Feature Issue Vulnerability

MOXA MXsecurity is a management platform from China-based MOXA that provides centralized visibility and security management to easily monitor and identify network threats and prevent security misconfigurations to create a robust threat defense. A security vulnerability exists in MOXA MXsecurity...

CVSS 9.8 | AI score 6.9 | EPSS 0.0074
Exploits: 0 | References: 2
CNNVD
added 2023/09/01 12:0 a.m. | 5 views

PKP Web Application Library Security Vulnerability

The PKP Web Application Library is a library shared by PKP's Open Journal System (OJS), Open Conference System (OCS), Open Monograph Press (OMP), Open Preprint System (OPS), and Open Harvester System (OHS). A security vulnerability exists in the PKP Web Application Library prior to version 3.3.0-16, which...

CVSS 9.6 | AI score 6.8 | EPSS 0.00605
Exploits: 1 | References: 3
OSV
added 2023/08/31 4:54 p.m. | 46 views

RLSA-2023:4035 Important: nodejs:18 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: 0-byte UDP payload Denial of Service (CVE-2023-32067); c-ares: buffer overflow in configsortlist due to missing string length check...

CVSS 8.6 | AI score 7.4 | EPSS 0.01577
Exploits: 1 | References: 6
Rockylinux
added 2023/08/31 4:54 p.m. | 60 views

nodejs:18 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 8.6 | AI score 7.8 | EPSS 0.01577
Exploits: 1
Rockylinux
added 2023/08/31 4:54 p.m. | 54 views

nodejs:16 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 7.5 | AI score 8.5 | EPSS 0.01577
Exploits: 0
NVD
added 2023/08/15 7:15 p.m. | 26 views

CVE-2023-4344

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection...

CVSS 9.8 | AI score 9.5 | EPSS 0.00588
Exploits: 0 | References: 2