31 matches found
CVE-2026-28747
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...
CVE-2026-28747
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...
CVE-2026-28747 Milesight Cameras Authorization Bypass Through User-Controlled Key
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...
CVE-2026-28747
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...
CVE-2026-28747 Milesight Cameras Authorization Bypass Through User-Controlled Key
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...
CVE-2026-28747
CVE-2026-28747 : A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras that allows authorization to be bypassed. Affected product is Milesight AIOT cameras; root cause is weak key generation in firmware. Impact is high on confidentiality, integrity, an...
PT-2026-35538
Name of the Vulnerable Software and Affected Versions Milesight AIOT cameras affected versions not specified Description A weak key generation issue allows authorization to be bypassed. Recommendations At the moment, there is no information about a newer version that contains a fix for this...
Inadequate Encryption Strength
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of weak cryptographic key generation in the createKeys function. An attacker can gain unauthorized access to protecte...
PT-2026-7886
Name of the Vulnerable Software and Affected Versions Element Server Suite Community Edition ESS Community versions prior to 25.12.1 Description The Element Server Suite Community Edition ESS Community Helm Chart contains a flaw in its secrets initialization hook, specifically within the...
EUVD-2021-14628
Malware in sbrugna...
EUVD-2000-0532
Malware in sbrugna...
EUVD-2024-50853
Malicious code in bioql PyPI...
PT-2025-33834 · Undefined · Undefined
CVE-2025-57722 - Fortinet SSL/TLS Weak Key Generation CVE ID : CVE-2025-57722 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2021-27891
SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected...
CVE-2018-9426
In RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect implementation could cause weak RSA key pairs being generated. This could lead to crypto vulnerability with no additional execution privileges needed. User interaction is not needed for exploitation. Bulletin...
CVE-2023-43637
The CVE describes a cryptographic weakness in EVE’s deriveVaultKey used by the vault key derivation flow. Before version 7.10, the generated 32-byte vault key was weakened because deriveVaultKey calls retrieveCloudKey (which returns a fixed 32-byte key) and then merges it with the random 32-byte ...
Zyxel GS1900 安全特征问题特征问题漏洞
The Zyxel GS1900 is a managed switch from Taiwan, China-based Hopkins Zyxel. A security signature issue vulnerability exists in the Zyxel GS1900 series prior to version V2.70, which stems from incorrectly generating RSA keys using a low entropy random source. An attacker exploits this vulnerabili...
CVE-2022-0828
The Download Manager WordPress plugin before 3.2.34 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the...
BTCPay Server 安全特征问题漏洞
BTCPay Server is a self-hosted open source cryptocurrency payment processor. It is secure, private, uncensored and free. A cross-site scripting vulnerability exists in BTCPay Server version 1.0.7.0 and prior versions, which stems from a weak method Next to generate pseudo-random values to generat...
CVE-2021-27891
SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected...