Total
298 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-12821 | 1 Jisiwei | 2 I3, I3 Firmware | 2024-02-28 | 5.8 MEDIUM | 4.8 MEDIUM |
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code containing information about the device ID, it is possible to connect an arbitrary device and gain full access to it. The device ID has an initial "JSW" substring followed by a six digit number that depends on the specific device. | |||||
CVE-2019-7886 | 1 Magento | 1 Magento | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechanism is used to generate the intialization vector in multiple security relevant contexts. | |||||
CVE-2018-11045 | 1 Pivotal Software | 1 Operations Manager | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to 1.12.22, contains a static Linux Random Number Generator (LRNG) seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager could get the contents of the corresponding seed from the published image and therefore infer the initial state of the LRNG. | |||||
CVE-2018-18375 | 1 Orange | 2 Airbox, Airbox Firmware | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data (name, number, username, and password) via the rand parameter. | |||||
CVE-2019-1997 | 1 Google | 1 Android | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-117508900. | |||||
CVE-2018-13280 | 1 Synology | 1 Diskstation Manager | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors. | |||||
CVE-2019-8919 | 1 Seafile | 1 Seadroid | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks. | |||||
CVE-2018-1279 | 1 Pivotal Software | 1 Rabbitmq | 2024-02-28 | 3.3 LOW | 6.5 MEDIUM |
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on any server in the MQ cluster can use this cookie to gain full control over the entire cluster. | |||||
CVE-2018-18531 | 1 Kaptcha Project | 1 Kaptcha | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random (rather than SecureRandom) function for generating CAPTCHA values, which makes it easier for remote attackers to bypass intended access restrictions via a brute-force approach. | |||||
CVE-2018-17987 | 1 Hashheroes | 1 Hashheroes | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum game, uses a certain blockhash value in an attempt to generate a random number for the case where NUM_TILES equals the number of people who purchased a tile, which allows an attacker to control the awarding of the prize by being the last person to purchase a tile. | |||||
CVE-2018-16239 | 1 Damicms | 1 Damicms | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies, which makes it possible to determine the cookie for an existing admin session via 10800 guesses. | |||||
CVE-2018-15807 | 1 Posim | 1 Evo | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass any POSIM EVO login prompt. | |||||
CVE-2019-0007 | 1 Juniper | 17 Junos, Mx10, Mx10003 and 14 more | 2024-02-28 | 7.5 HIGH | 10.0 CRITICAL |
The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series. | |||||
CVE-2018-19983 | 1 Silabs | 4 Z-wave S0, Z-wave S0 Firmware, Z-wave S2 and 1 more | 2024-02-28 | 6.1 MEDIUM | 6.5 MEDIUM |
An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program (e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.). Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending divided "Nonce Get (0x98 0x81)" frames. The reason for dividing the "Nonce Get" frame is that, in security version S0, when a node receives a "Nonce Get" frame, the node produces a random new nonce and sends it to the Src node of the received "Nonce Get" frame. After the nonce value is generated and transmitted, the node transitions to wait mode. At this time, when "Nonce Get" is received again, the node discards the previous nonce value and generates a random nonce again. Therefore, because the frame is encrypted with previous nonce value, the received normal frame cannot be decrypted. | |||||
CVE-2018-18602 | 1 Guardzilla | 12 180 Indoor, 180 Indoor Firmware, 180 Outdoor and 9 more | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring. | |||||
CVE-2018-20025 | 1 Codesys | 15 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 12 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0. | |||||
CVE-2018-17888 | 1 Nuuo | 1 Nuuo Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution. | |||||
CVE-2017-16031 | 1 Socket | 1 Socket.io | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Socket.io is a realtime application framework that provides communication via websockets. Because socket.io 0.9.6 and earlier depends on `Math.random()` to create socket IDs, the IDs are predictable. An attacker is able to guess the socket ID and gain access to socket.io servers, potentially obtaining sensitive information. | |||||
CVE-2017-15654 | 1 Asus | 1 Asuswrt | 2024-02-28 | 7.6 HIGH | 8.3 HIGH |
Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access. | |||||
CVE-2018-1266 | 1 Cloudfoundry | 1 Capi-release | 2024-02-28 | 6.5 MEDIUM | 8.1 HIGH |
Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities. An authenticated malicious user can predict the location of application blobs and leverage path traversal to create a malicious application that has the ability to overwrite arbitrary files on the Cloud Controller instance. |