Fedora 44 : perl-Crypt-PasswdMD5 (2026-30d86fe986)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-30d86fe986 advisory. This update uses a cryptographically strong random number source rather than perl's rand function to generate random salt values when required CVE-2026-6659...

UBUNTU-CVE-2026-47372

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

CVE-2026-47372

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

CVE-2026-47372

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

CVE-2026-47372 Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography...

UBUNTU-CVE-2026-6659

Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography...

EUVD-2026-22840

Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts. The makesalt and makesaltbcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simply...

CVE-2026-5088

Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The makesalt and makesaltbcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simply...

Apache::API::Password 安全漏洞

Apache::API::Password is a password management module provided by the Apache Foundation. Versions of Apache::API::Password up to v0.5.2 contained security vulnerabilities. These vulnerabilities stemmed from the use of an insecure random number generator for generating salts, which could compromis...

CVE-2023-49599

An insufficient entropy vulnerability exists in the salt generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted series of HTTP requests can lead to privilege escalation. An attacker can gather system information via HTTP requests and brute force the salt offline...

EUVD-2008-2288

Malware in sbrugna...

EUVD-2024-21971

Malicious code in bioql PyPI...

PT-2025-14484 · Unknown · Crypt::Salt

Name of the Vulnerable Software and Affected Versions: Crypt::Salt for Perl version 0.01 Description: The issue concerns the use of an insecure rand function when generating salts for cryptographic purposes. This could potentially lead to weaknesses in the cryptographic mechanisms that rely on...

Privilege Escalation

WWBN AVideo is vulnerable to Privilege Escalation. The vulnerability is due to improper salt generation functionality within the application. An attacker can exploit this issue via crafting malicious HTTP requests leading to the recovery of the admin password...

GHSA-WQCC-QF63-C2X4 WWBN AVideo Insufficient Entropy vulnerbaility

An insufficient entropy vulnerability exists in the salt generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted series of HTTP requests can lead to privilege escalation. An attacker can gather system information via HTTP requests and bruteforce the salt offline,...

WWBN AVideo Insufficient Entropy vulnerbaility

An insufficient entropy vulnerability exists in the salt generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted series of HTTP requests can lead to privilege escalation. An attacker can gather system information via HTTP requests and bruteforce the salt offline,...

CVE-2023-49599

An insufficient entropy vulnerability exists in the salt generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted series of HTTP requests can lead to privilege escalation. An attacker can gather system information via HTTP requests and brute force the salt offline...

CVE-2023-49599

An insufficient entropy vulnerability exists in the salt generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted series of HTTP requests can lead to privilege escalation. An attacker can gather system information via HTTP requests and brute force the salt offline...

Design/Logic Flaw

An insufficient entropy vulnerability exists in the salt generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted series of HTTP requests can lead to privilege escalation. An attacker can gather system information via HTTP requests and brute force the salt offline...

CVE-2023-49599

Summary (CVE-2023-49599) : WWBN AVideo dev master commit 15fed957fb is affected by an insufficient entropy vulnerability in the salt generation. The salt is generated via uniqid() and the IV is derived from the install path, while the secret key is the SHA-256 hash of the salt. An attacker can ga...