16 matches found
CVE-2026-5087
CVE-2026-5087 affects PAGI::Middleware::Session::Store::Cookie for Perl, versions up to 0.001003. The root cause is that the store reads random bytes directly from /dev/urandom; if that device is unavailable (e.g., on Windows), it issues a warning and falls back to using the built-in rand() funct...
CVE-2023-31305
Generation of weak and predictable Initialization Vector IV in PMFW Power Management Firmware may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
EUVD-2019-0751
Malware in sbrugna...
EUVD-2022-30651
Malicious code in bioql PyPI...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
CVE-2022-26083
Generation of weak initialization vector in an IntelR IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access...
PT-2025-6481 · Intel · Intel Ipp Cryptography
Name of the Vulnerable Software and Affected Versions: IntelR IPP Cryptography software library versions prior to 2021.5 Description: The issue is related to the generation of a weak initialization vector in the IntelR IPP Cryptography software library. This may allow an unauthenticated user to...
CVE-2023-31305
Generation of weak and predictable Initialization Vector IV in PMFW Power Management Firmware may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure...
Intel® IPP Cryptography Advisory
Summary: A potential security vulnerability in an Intel® Integrated Performance Primitives IPP Cryptography software library may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-26083 Description:...
Magento 2 Community Edition Cryptographic Flaw
A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechanism is used to generate the intialization vector in multiple security relevant contexts...
CVE-2019-7886
CVE-2019-7886 affects Magento 2.1.x before 2.1.18, 2.2.x before 2.2.9, and 2.3.x before 2.3.2. The issue is a weak cryptographic mechanism used to generate the initialization vector in multiple security contexts, enabling potential cryptographic abuse. RedHat and OSV listings confirm the same des...
Unauthenticated crypto and weak IV in Magento\Framework\Encryption
More info at http://www.openwall.com/lists/oss-security/2016/07/19/3...