17 matches found
EUVD-2025-23664
Malicious code in bioql PyPI...
EUVD-2025-23663
Malicious code in bioql PyPI...
CVE-2025-54884
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and getSecureRandomInt functions in security-kit versions prior to 3.5.0 packaged in Vision UI 1.4.0 and below are vulnerable to Denial of Service DoS...
CVE-2025-54883
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt function in security-kit versions prior to 3.5.0 packaged in Vision-ui = 1.4.0 contains a critical cryptographic weakness. Due to a silent 32-bit...
CVE-2025-54883
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt function in security-kit versions prior to 3.5.0 packaged in Vision-ui = 1.4.0 contains a critical cryptographic weakness. Due to a silent 32-bit...
CVE-2025-54884
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and getSecureRandomInt functions in security-kit versions prior to 3.5.0 packaged in Vision UI 1.4.0 and below are vulnerable to Denial of Service DoS...
Vision UI 安全特征问题漏洞
Vision UI is a UI component by the individual developer David Osipov. A security feature issue vulnerability exists in Vision UI version 1.4.0 and earlier, which stems from a 32-bit integer overflow in the getSecureRandomInt function, which may result in an uneven distribution of random numbers...
CVE-2025-54884 Vision UI security-kit.js: Potential Uncontrolled Resource Allocation Vulnerability
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and getSecureRandomInt functions in security-kit versions prior to 3.5.0 packaged in Vision UI 1.4.0 and below are vulnerable to Denial of Service DoS...
CVE-2025-54884 Vision UI security-kit.js: Potential Uncontrolled Resource Allocation Vulnerability
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and getSecureRandomInt functions in security-kit versions prior to 3.5.0 packaged in Vision UI 1.4.0 and below are vulnerable to Denial of Service DoS...
CVE-2025-54884 Vision UI security-kit.js: Potential Uncontrolled Resource Allocation Vulnerability
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and getSecureRandomInt functions in security-kit versions prior to 3.5.0 packaged in Vision UI 1.4.0 and below are vulnerable to Denial of Service DoS...
CVE-2025-54884
CVE-2025-54884 applies to Vision UI 1.4.0 and below, where security-kit pre-3.5.0 functions generateSecureId and getSecureRandomInt can trigger memory exhaustion under DoS scenarios. Specifically, generateSecureId(length) uses length to size a Uint8Array, enabling excessive memory allocation via ...
CVE-2025-54883 Vision UI's security-kit Contains Cryptographic Weakness
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt function in security-kit versions prior to 3.5.0 packaged in Vision-ui = 1.4.0 contains a critical cryptographic weakness. Due to a silent 32-bit...
CVE-2025-54883 Vision UI's security-kit Contains Cryptographic Weakness
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt function in security-kit versions prior to 3.5.0 packaged in Vision-ui = 1.4.0 contains a critical cryptographic weakness. Due to a silent 32-bit...
CVE-2025-54883
Summary: CVE-2025-54883 affects Vision UI up to version 1.4.0, where the internal getSecureRandomInt in security-kit pre-3.5.0 uses a 32‑bit mask in rejection sampling that overflows, producing a non-uniform distribution of random numbers when the requested entropy exceeds 32 bits. The root cause...
CVE-2025-54883 Vision UI's security-kit Contains Cryptographic Weakness
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt function in security-kit versions prior to 3.5.0 packaged in Vision-ui = 1.4.0 contains a critical cryptographic weakness. Due to a silent 32-bit...
PT-2025-32008 · Unknown +1 · Security-Kit +1
Name of the Vulnerable Software and Affected Versions: Vision UI versions 1.4.0 and below security-kit versions prior to 3.5.0 Description: The getSecureRandomInt function contains a cryptographic weakness due to a silent 32-bit integer overflow in its internal masking logic. This prevents the...
PT-2025-32009 · Unknown +1 · Security-Kit +1
Name of the Vulnerable Software and Affected Versions: Vision UI versions 1.4.0 and below Description: The generateSecureId and getSecureRandomInt functions within the security-kit component versions prior to 3.5.0, packaged in Vision UI 1.4.0 and below are susceptible to Denial of Service DoS...