Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-0767

Malware in sbrugna...

8.1CVSS8.1AI score0.00339EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/05/22 10:25 a.m.4 views

CVE-2019-10755

The SAML identifier generated within SAML2Utils.java was found to make use of the apache commons-lang3 RandomStringUtils class which makes them predictable due to RandomStringUtils PRNG's algorithm not being cryptographically strong. This issue only affects the 3.X release of pac4j-saml...

4.9CVSS6.8AI score0.00312EPSS
Exploits0References1
Veracode
Veracodeadded 2024/09/26 7:10 a.m.6 views

Weak Random String Generation

org.apache.linkis, linkis-engineplugin-spark is vulnerable to weak random string generation. The vulnerability is due to insecure random string generation via Commons Lang's RandomStringUtils, which allows an attacker to predict the generated token, potentially enabling unauthorized access or...

7.5CVSS6.7AI score0.00157EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2023/05/25 9:55 p.m.19 views

CVE-2023-31147 Insufficient randomness in generation of DNS query IDs in c-ares

c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand so will generate predictable output. Input from the random number generator i...

5.9CVSS7AI score0.00103EPSS
Exploits0References7
Rows per page
Query Builder