Lucene search
K

114 matches found

Gitee
Gitee
added 2025/07/27 3:38 a.m.90 views

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

Debian OpenSSL Predictable PRNG - - - Links Original URL: http://metasploit.com/users/hdm/tools/debian-openssl/1 Mirror2 Exploit: + https://www.exploit-db.com/exploits/5622/ Perl3 + https://www.exploit-db.com/exploits/5720/ Python4 + https://www.exploit-db.com/exploits/5632/ Ruby12 Recommend Tool...

7.8CVSS6.8AI score0.70721EPSS
Exploits7
SUSE CVE
SUSE CVE
added 2025/05/07 2:19 a.m.4 views

SUSE CVE-2022-49831

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: initialize device's zone info for seeding When performing seeding on a zoned filesystem it is necessary to initialize each zoned device's btrfszoneddeviceinfo structure, otherwise mounting the filesystem will cause ...

5.5CVSS6.5AI score0.00164EPSS
Exploits0References3
OSV
OSV
added 2025/05/01 3:16 p.m.2 views

DEBIAN-CVE-2022-49831

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: initialize device's zone info for seeding When performing seeding on a zoned filesystem it is necessary to initialize each zoned device's btrfszoneddeviceinfo structure, otherwise mounting the filesystem will cause ...

5.5CVSS5.3AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2025/05/01 3:16 p.m.4 views

UBUNTU-CVE-2022-49831

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: initialize device's zone info for seeding When performing seeding on a zoned filesystem it is necessary to initialize each zoned device's btrfszoneddeviceinfo structure, otherwise mounting the filesystem will cause ...

5.5CVSS5.7AI score0.00164EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/05/01 2:9 p.m.11 views

CVE-2022-49831 btrfs: zoned: initialize device's zone info for seeding

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: initialize device's zone info for seeding When performing seeding on a zoned filesystem it is necessary to initialize each zoned device's btrfszoneddeviceinfo structure, otherwise mounting the filesystem will cause ...

0.00164EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/05/01 2:9 p.m.8 views

CVE-2022-49831

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: initialize device's zone info for seeding When performing seeding on a zoned filesystem it is necessary to initialize each zoned device's btrfszoneddeviceinfo structure, otherwise mounting the filesystem will cause ...

5.5CVSS5.3AI score0.00164EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-35875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/coco: Require seeding RNG with RDRAND on CoCo systems There are few uses of CoCo that don't rely on working cryptography and hence a working RNG...

5.5CVSS6.8AI score0.00235EPSS
Exploits0References4
OSV
OSV
added 2025/02/21 1:35 p.m.4 views

OESA-2025-1143 qt6-qtnetworkauth security update

Qt6 - NetworkAuth component Security Fixes: QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.CVE-2024-36048...

9.8CVSS7AI score0.0097EPSS
Exploits0References2
OSV
OSV
added 2025/02/21 1:35 p.m.5 views

OESA-2025-1142 qt6-qtnetworkauth security update

Qt6 - NetworkAuth component Security Fixes: QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.CVE-2024-36048...

9.8CVSS7AI score0.0097EPSS
Exploits0References2
NVD
NVD
added 2024/10/03 7:15 p.m.22 views

CVE-2024-41594

An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL...

7.5CVSS0.00267EPSS
Exploits0References2
OSV
OSV
added 2024/09/19 4:11 p.m.3 views

USN-7024-1 tgt vulnerability

It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical...

5.9CVSS5.8AI score0.00547EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/08/05 1:2 p.m.35 views

Researchers Uncover Flaws in Windows Smart App Control and SmartScreen

Cybersecurity researchers have uncovered design weaknesses in Microsoft's Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising any warnings. Smart App Control SAC is a cloud-powered security feature introduced by...

7.3AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/06/30 2:0 p.m.4 views

An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks a random number generator may be seeded with too little data.

...

9.8CVSS9.1AI score0.01243EPSS
Exploits0
OSV
OSV
added 2024/05/29 6:8 p.m.8 views

MGASA-2024-0197 Updated qtnetworkauth5 & qtnetworkauth6 packages fix security vulnerability

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values...

9.8CVSS6.8AI score0.0097EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/05/28 12:0 a.m.7 views

openSUSE Security Advisory (openSUSE-SU-2024:0143-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS10AI score0.0097EPSS
Exploits0References3
OSV
OSV
added 2024/05/27 1:0 p.m.3 views

OPENSUSE-SU-2024:0143-1 Security update for libqt5-qtnetworkauth

This update for libqt5-qtnetworkauth fixes the following issues: - CVE-2024-36048: Fixed data race and poor seeding in generateRandomString boo1224782...

9.8CVSS9.6AI score0.0097EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/05/25 12:0 a.m.11 views

openSUSE Security Advisory (openSUSE-SU-2024:0138-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS10AI score0.0097EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/25 12:0 a.m.16 views

FreeBSD : QtNetworkAuth -- predictable seeding of PRNG in QAbstractOAuth (f5fa174d-19de-11ef-83d8-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f5fa174d-19de-11ef-83d8-4ccc6adda413 advisory. Andy Shaw reports: The OAuth1 implementation in QtNetworkAuth created nonces using a PRNG that was seed...

9.8CVSS5.5AI score0.0097EPSS
Exploits0References4
OSV
OSV
added 2024/05/24 4:1 p.m.10 views

OPENSUSE-SU-2024:0138-1 Security update for qt6-networkauth

This update for qt6-networkauth fixes the following issues: - CVE-2024-36048: Fixed data race and poor seeding in generateRandomString boo1224782...

9.8CVSS7AI score0.0097EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/05/21 11:12 p.m.5 views

SUSE CVE-2024-36048

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values...

9.8CVSS7AI score0.0097EPSS
Exploits0References5
Rows per page
Query Builder