Lucene search
K

5 matches found

Veracode
Veracode
added 2026/04/29 9:24 a.m.6 views

Weak Random Value Generation For Secrets (weak PRNG)

Spring Boot is vulnerable to the use of a weak pseudo-random number generator PRNG. The vulnerability is due to the use of predictable random value sources e.g., $random.value, $random.int, $random.long, which allows an attacker to guess or brute-force generated secrets and compromise application...

8.2CVSS5.8AI score0.00312EPSS
Exploits0References10Affected Software2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/04 9:16 a.m.3 views

Malicious code in latoken-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4deb1d0e6195e2e52b15c4809decbc35fba20798ba8ab501f3d8558296562d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2024/09/04 9:8 a.m.5 views

MAL-2024-8751 Malicious code in bwiueor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a58c7ce1a6c1340dfe0646fa5ffe8b5916b1476bd1c511dde3c799c8d93b37d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/09/07 7:9 a.m.11 views

MAL-2022-3 Malicious code in --legacy-peer-deps (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9016f41e70e542399b68b5d9e362563751dedbff976a3bd66808702c420f35f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/08/19 3:55 a.m.2 views

Malicious code in r2act (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 666edae682afb251329ec39465aabdd8af84df52f5db6718723db0c65fc3b429 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Rows per page
Query Builder