Lucene search
K

12 matches found

OSV
OSV
added 2022/08/11 6:10 p.m.7 views

GHSA-2JQ9-6XX7-3H29 `temporary` makes use of uninitialized memory

Uninitialized memory is used as a RNG seed in temporary. This has been resolved in the 0.6.4 release. The crate is not intended to be used outside of a testing environment. For a general purpose crate to create temporary directories, tempfile is an alternative for this crate...

7AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/08/11 6:10 p.m.13 views

`temporary` makes use of uninitialized memory

Uninitialized memory is used as a RNG seed in temporary. This has been resolved in the 0.6.4 release. The crate is not intended to be used outside of a testing environment. For a general purpose crate to create temporary directories, tempfile is an alternative for this crate...

6.8AI score
Exploits0References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:31 a.m.40 views

Security Bulletin: Multiple Vulnerabilities in Network Time Protocol (NTP) Affect Power Hardware Management Console (CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296)

Summary There are multiple vulnerabilities in Network Time Protocol NTP Project NTP daemon ntpd that is used by Power Hardware Management Console Vulnerability Details CVE-ID: CVE-2014-9293 DESCRIPTION: Network Time Protocol NTP Project NTP daemon ntpd could provide weaker than expected security,...

7.5CVSS8.3AI score0.7809EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:45 a.m.42 views

Security Bulletin: Multiple vulnerabilities in ntp affect IBM Flex System Manager (FSM) (CVE-2014-9293, CVE-2014-9294, CVE-2014-9297, CVE-2014-9298)

Summary There are multiple vulnerabilities in ntp that is used by IBM Flex System Manager. Vulnerability Details Summary There are multiple vulnerabilities in ntp that is used by IBM Flex System Manager. Vulnerability Details: CVE-ID: CVE-2014-9293 Description: Network Time Protocol NTP Project N...

7.5CVSS0.6AI score0.12978EPSS
Exploits2Affected Software1
RustSec
RustSec
added 2018/08/22 12:0 p.m.19 views

Use of uninitialized memory in temporary

Uninit memory is used as a RNG seed in temporary The following function is used as a way to get entropy from the system, which does operations on and exposes uninit memory, which is UB. rust fn randomseed: &Path, : &str - u64; 2 use std::mem::uninitialized as rand; unsafe rand:: ^ 0x12345678,...

1.1AI score
Exploits0Affected Software1
OSV
OSV
added 2017/07/21 9:29 p.m.3 views

CVE-2017-11519

passwdrecovery.lua on the TP-Link Archer C9UNV2160517 allows an attacker to reset the admin password by leveraging a predictable random number generator seed. This is fixed in C9UNV2170511...

9.8CVSS5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/07/19 12:0 a.m.29 views

F5 Networks BIG-IP : NTP vulnerability (SOL15935)

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

7.5CVSS7.2AI score0.12978EPSS
Exploits1References2
NVD
NVD
added 2014/12/20 2:59 a.m.24 views

CVE-2014-9294

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...

7.5CVSS3.9AI score0.12978EPSS
Exploits1References21
OSV
OSV
added 2014/12/20 2:59 a.m.7 views

CVE-2014-9294

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...

7.3AI score
Exploits0References22
Cvelist
Cvelist
added 2014/12/20 2:0 a.m.31 views

CVE-2014-9294

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...

5.5AI score0.12978EPSS
Exploits1References21
Debian CVE
Debian CVE
added 2014/12/20 2:0 a.m.26 views

CVE-2014-9294

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...

7.5CVSS6.2AI score0.12978EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2014/12/19 12:0 a.m.31 views

CVE-2014-9294

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...

7.5CVSS7.2AI score0.12978EPSS
Exploits1References5
Rows per page
Query Builder