CVE-2025-13470

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...

RNP 安全漏洞

RNP is a C++ library open-sourced by RNP. A security vulnerability exists in RNP that stems from improper PKESK session key generation...

SUSE-SU-2018:0338-1 Security update for libXdmcp

This update for libXdmcp fixes the following issues: - CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable bsc1025046...

Design/Logic Flaw

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key...

CVE-1999-0143

Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys...