EUVD-2025-198494

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...

PT-2025-47788

Name of the Vulnerable Software and Affected Versions RNP version 0.18.0 Description A regression in RNP version 0.18.0 causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to remain uninitialized, resulting in it always being an all-zero byte array. This allow...

EUVD-2022-29292

Malicious code in bioql PyPI...

EUVD-2022-28055

Malicious code in bioql PyPI...

CVE-2024-58135

Mojolicious (Perl) vulnerability CVE-2024-58135: default app skeleton generation using mojo generate app writes a weak HMAC session secret via the insecure rand() function, enabling potential brute-forcing of session keys. Affected: Mojolicious versions from 7.28 for Perl (and related 0.999922–9....

CVE-2018-3616

Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network...

SUSE-SU-2017:1862-1 Security update for libXdmcp

This update for libXdmcp fixes the following issues: - CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable bsc1025046...

CVE-1999-0143

Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys...