
1305 matches found

OSV
added 2023/08/15 7:15 p.m. · 6 views

CVE-2023-4344

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection...

9.8 CVSS · 5.8 AI score
Exploits 0 · References 2
Vulnrichment
added 2023/08/15 6:25 p.m. · 14 views

CVE-2023-4344 Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection...

7.1 AI score · 0.00588 EPSS
Exploits 0 · References 1
Cvelist
added 2023/08/15 6:25 p.m. · 39 views

CVE-2023-4344 Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection...

9.7 AI score · 0.00588 EPSS
Exploits 0 · References 1
CNNVD
added 2023/08/15 12:0 a.m. · 5 views

Broadcom RAID Controller Security Feature Issue Vulnerability

The Broadcom RAID Controller is a series of RAID controllers from Broadcom Corporation USA. A security vulnerability exists in the Broadcom RAID Controller that stems from incorrect use of ssl.rnd to set up a CIM connection, which makes the web interface susceptible to insufficient randomization...

9.8 CVSS · 6.7 AI score · 0.00588 EPSS
Exploits 0 · References 2
CNNVD
added 2023/08/15 12:0 a.m. · 3 views

Intel Quartus Prime Pro Security Feature Issue Vulnerability

Intel Quartus Prime Pro is a set of multi-platform design environments from the U.S. company Intel. The product is primarily used for programming programmable logic devices. A security vulnerability exists in Intel Quartus Prime Pro Edition prior to version 22.4, which stems from the presen...

5.5 CVSS · 5.8 AI score · 0.00174 EPSS
Exploits 0 · References 2
Positive Technologies
added 2023/08/15 12:0 a.m. · 7 views

PT-2023-28823 · Broadcom · Broadcom Raid Controller

Name of the Vulnerable Software and Affected Versions: Broadcom RAID Controller, affected versions not specified
Description: The Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to the improper use of ssl.rnd to set up a CIM connection.
Recommendations: At the...

9.8 CVSS · 6.5 AI score · 0.00588 EPSS
Exploits 0 · References 6
OSV
added 2023/08/02 1:15 p.m. · 5 views

CVE-2023-26451

Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, other users' accounts...

7.5 CVSS · 5.8 AI score · 0.00995 EPSS
Exploits 0 · References 4
NVD
added 2023/08/02 1:15 p.m. · 26 views

CVE-2023-26451

Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, other users' accounts...

7.5 CVSS · 7.5 AI score · 0.00995 EPSS
Exploits 0 · References 4
Prion
added 2023/08/02 1:15 p.m. · 20 views

Authorization

Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, other users' accounts...

5 CVSS · 7.5 AI score · 0.00995 EPSS
Exploits 0 · References 4 · Affected Software 1
Cvelist
added 2023/08/02 12:23 p.m. · 23 views

CVE-2023-26451

Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, other users' accounts...

7.5 CVSS · 7.7 AI score · 0.00995 EPSS
Exploits 0 · References 4
CVE
added 2023/08/02 12:23 p.m. · 2494 views

CVE-2023-26451

CVE-2023-26451 concerns Open-Xchange AppSuite’s integrated oAuth Authorization Service, which used a weak randomness source to generate authorization tokens. This made authorization codes predictable to third parties, enabling interception of the client authorization process and potential account...

7.5 CVSS · 7.5 AI score · 0.00995 EPSS
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2023/08/02 12:0 a.m. · 6 views

PT-2023-20644 · Softwarex · Softwarex

Name of the Vulnerable Software and Affected Versions: SoftwareX, affected versions not specified
Description: The issue is related to the integrated oAuth Authorization Service, where functions with insufficient randomness were used to generate authorization tokens. This made authorization codes...

7.5 CVSS · 7.4 AI score · 0.00995 EPSS
Exploits 0 · References 7
CNNVD
added 2023/08/02 12:0 a.m. · 4 views

Open-Xchange AppSuite Security Feature Issue Vulnerability

Open-Xchange AppSuite is a set of Web cloud desktop environments from Open-Xchange Germany. The environment allows users to more intuitively manage email, tasks, files, and more. A security signature issue vulnerability exists in Open-Xchange AppSuite that stems from the integrated oAuth...

7.5 CVSS · 6.7 AI score · 0.00995 EPSS
Exploits 0 · References 7
OSV
added 2023/07/22 5:15 a.m. · 2 views

DEBIAN-CVE-2023-3247

In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure ...

4.3 CVSS · 5.7 AI score · 0.00709 EPSS
Exploits 0 · References 1
Snyk
added 2023/07/21 11:57 a.m. · 2 views

Insecure Randomness

Overview: Affected versions of this package are vulnerable to Insecure Randomness. If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malicious server, a default predictable buffer gets used for the IKM (Input Keying Material) value whe...

9.1 CVSS · 9.1 AI score · 0.00541 EPSS
Exploits 0 · References 2
OSV
added 2023/07/21 1:15 a.m. · 2 views

CVE-2023-3803

A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation leads to insufficiently random values. Th...

3.7 CVSS · 4.4 AI score · 0.00545 EPSS
Exploits 1 · References 3
Positive Technologies
added 2023/07/21 12:0 a.m. · 4 views

PT-2023-26256 · Unknown · Chengdu Flash Flood Disaster Monitoring/Warning System

Name of the Vulnerable Software and Affected Versions: Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0
Description: A problematic vulnerability has been found in the Chengdu Flash Flood Disaster Monitoring and Warning System. This issue affects an unknown part of the file...

3.7 CVSS · 4 AI score · 0.00545 EPSS
Exploits 1 · References 8
Tenable Nessus
added 2023/07/13 12:0 a.m. · 19 views

RHEL 9 : nodejs (RHSA-2023:4036)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4036 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

7.5 CVSS · 6.5 AI score · 0.01577 EPSS
Exploits 0 · References 10
Tenable Nessus
added 2023/07/13 12:0 a.m. · 30 views

RHEL 8 : nodejs:18 (RHSA-2023:4035)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4035 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

8.6 CVSS · 6.9 AI score · 0.01577 EPSS
Exploits 1 · References 12
Tenable Nessus
added 2023/07/13 12:0 a.m. · 59 views

RHEL 8 : nodejs:16 (RHSA-2023:4034)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4034 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

7.5 CVSS · 6.5 AI score · 0.01577 EPSS
Exploits 0 · References 10