Total
30 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-34600 | 1 Telenot | 1 Compasx | 2024-09-16 | 4.9 MEDIUM | 5.5 MEDIUM |
Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation. | |||||
CVE-2024-27632 | 2024-08-16 | N/A | N/A | ||
An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function. | |||||
CVE-2024-36048 | 2024-08-08 | N/A | 9.8 CRITICAL | ||
QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values. | |||||
CVE-2022-31034 | 1 Argoproj | 1 Argo Cd | 2024-08-07 | 6.8 MEDIUM | 8.1 HIGH |
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v0.11.0 are vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or UI. The vulnerabilities are due to the use of insufficiently random values in parameters in Oauth2/OIDC login flows. In each case, using a relatively-predictable (time-based) seed in a non-cryptographically-secure pseudo-random number generator made the parameter less random than required by the relevant spec or by general best practices. In some cases, using too short a value made the entropy even less sufficient. The attacks on login flows which are meant to be mitigated by these parameters are difficult to accomplish but can have a high impact potentially granting an attacker admin access to Argo CD. Patches for this vulnerability has been released in the following Argo CD versions: v2.4.1, v2.3.5, v2.2.10 and v2.1.16. There are no known workarounds for this vulnerability. | |||||
CVE-2016-10180 | 1 Dlink | 2 Dwr-932b, Dwr-932b Firmware | 2024-08-01 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding. | |||||
CVE-2024-1579 | 2024-04-30 | N/A | 8.1 HIGH | ||
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea GateManager (Webserver modules) allows Session Hijacking.This issue affects GateManager: before 11.2.624071020. | |||||
CVE-2023-49343 | 1 Ubuntubudgie | 1 Budgie Extras | 2024-02-28 | N/A | 7.8 HIGH |
Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel. | |||||
CVE-2023-4472 | 1 Objectplanet | 1 Opinio | 2024-02-28 | N/A | 9.8 CRITICAL |
Objectplanet Opinio version 7.22 and prior uses a cryptographically weak pseudo-random number generator (PRNG) coupled to a predictable seed, which could lead to an unauthenticated account takeover of any user on the application. | |||||
CVE-2022-40267 | 1 Mitsubishielectric | 106 Fx5s-30mr\/es, Fx5s-30mr\/es Firmware, Fx5s-30mt\/es and 103 more | 2024-02-28 | N/A | 9.1 CRITICAL |
Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers. | |||||
CVE-2022-31008 | 1 Vmware | 1 Rabbitmq | 2024-02-28 | N/A | 7.5 HIGH |
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker (link) state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable data could appear in the node log. Patched versions correctly use a cluster-wide secret for that purpose. This issue has been addressed and Patched versions: `3.10.2`, `3.9.18`, `3.8.32` are available. Users unable to upgrade should disable the Shovel and Federation plugins. | |||||
CVE-2022-42159 | 1 Dlink | 6 Covr 1200, Covr 1200 Firmware, Covr 1202 and 3 more | 2024-02-28 | N/A | 4.3 MEDIUM |
D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator. | |||||
CVE-2022-39218 | 1 Fastly | 1 Js-compute | 2024-02-28 | N/A | 7.5 HIGH |
The JS Compute Runtime for Fastly's Compute@Edge platform provides the environment JavaScript is executed in when using the Compute@Edge JavaScript SDK. In versions prior to 0.5.3, the `Math.random` and `crypto.getRandomValues` methods fail to use sufficiently random values. The initial value to seed the PRNG (pseudorandom number generator) is baked-in to the final WebAssembly module, making the sequence of random values for that specific WebAssembly module predictable. An attacker can use the fixed seed to predict random numbers generated by these functions and bypass cryptographic security controls, for example to disclose sensitive data encrypted by functions that use these generators. The problem has been patched in version 0.5.3. No known workarounds exist. | |||||
CVE-2019-25061 | 1 Random Password Generator Project | 1 Random Password Generator | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password prediction. | |||||
CVE-2022-26852 | 1 Dell | 1 Emc Powerscale Onefs | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise. | |||||
CVE-2021-41117 | 1 Keypair Project | 1 Keypair | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
keypair is a a RSA PEM key generator written in javascript. keypair implements a lot of cryptographic primitives on its own or by borrowing from other libraries where possible, including node-forge. An issue was discovered where this library was generating identical RSA keys used in SSH. This would mean that the library is generating identical P, Q (and thus N) values which, in practical terms, is impossible with RSA-2048 keys. Generating identical values, repeatedly, usually indicates an issue with poor random number generation, or, poor handling of CSPRNG output. Issue 1: Poor random number generation (`GHSL-2021-1012`). The library does not rely entirely on a platform provided CSPRNG, rather, it uses it's own counter-based CMAC approach. Where things go wrong is seeding the CMAC implementation with "true" random data in the function `defaultSeedFile`. In order to seed the AES-CMAC generator, the library will take two different approaches depending on the JavaScript execution environment. In a browser, the library will use [`window.crypto.getRandomValues()`](https://github.com/juliangruber/keypair/blob/87c62f255baa12c1ec4f98a91600f82af80be6db/index.js#L971). However, in a nodeJS execution environment, the `window` object is not defined, so it goes down a much less secure solution, also of which has a bug in it. It does look like the library tries to use node's CSPRNG when possible unfortunately, it looks like the `crypto` object is null because a variable was declared with the same name, and set to `null`. So the node CSPRNG path is never taken. However, when `window.crypto.getRandomValues()` is not available, a Lehmer LCG random number generator is used to seed the CMAC counter, and the LCG is seeded with `Math.random`. While this is poor and would likely qualify in a security bug in itself, it does not explain the extreme frequency in which duplicate keys occur. The main flaw: The output from the Lehmer LCG is encoded incorrectly. The specific [line][https://github.com/juliangruber/keypair/blob/87c62f255baa12c1ec4f98a91600f82af80be6db/index.js#L1008] with the flaw is: `b.putByte(String.fromCharCode(next & 0xFF))` The [definition](https://github.com/juliangruber/keypair/blob/87c62f255baa12c1ec4f98a91600f82af80be6db/index.js#L350-L352) of `putByte` is `util.ByteBuffer.prototype.putByte = function(b) {this.data += String.fromCharCode(b);};`. Simplified, this is `String.fromCharCode(String.fromCharCode(next & 0xFF))`. The double `String.fromCharCode` is almost certainly unintentional and the source of weak seeding. Unfortunately, this does not result in an error. Rather, it results most of the buffer containing zeros. Since we are masking with 0xFF, we can determine that 97% of the output from the LCG are converted to zeros. The only outputs that result in meaningful values are outputs 48 through 57, inclusive. The impact is that each byte in the RNG seed has a 97% chance of being 0 due to incorrect conversion. When it is not, the bytes are 0 through 9. In summary, there are three immediate concerns: 1. The library has an insecure random number fallback path. Ideally the library would require a strong CSPRNG instead of attempting to use a LCG and `Math.random`. 2. The library does not correctly use a strong random number generator when run in NodeJS, even though a strong CSPRNG is available. 3. The fallback path has an issue in the implementation where a majority of the seed data is going to effectively be zero. Due to the poor random number generation, keypair generates RSA keys that are relatively easy to guess. This could enable an attacker to decrypt confidential messages or gain authorized access to an account belonging to the victim. | |||||
CVE-2021-42810 | 1 Thalesgroup | 1 Safenet Authentication Service Remote Desktop Gateway | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
A flaw in the previous versions of the product may allow an authenticated attacker the ability to execute code as a privileged user on a system where the agent is installed. | |||||
CVE-2016-3735 | 1 Piwigo | 1 Piwigo | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
Piwigo is image gallery software written in PHP. When a criteria is not met on a host, piwigo defaults to usingmt_rand in order to generate password reset tokens. mt_rand output can be predicted after recovering the seed used to generate it. This low an unauthenticated attacker to take over an account providing they know an administrators email address in order to be able to request password reset. | |||||
CVE-2021-32033 | 1 Protectimus | 2 Slim Nfc 70, Slim Nfc 70 Firmware | 2024-02-28 | 1.9 LOW | 4.6 MEDIUM |
Protectimus SLIM NFC 70 10.01 devices allow a Time Traveler attack in which attackers can predict TOTP passwords in certain situations. The time value used by the device can be set independently from the used seed value for generating time-based one-time passwords, without authentication. Thus, an attacker with short-time physical access to a device can set the internal real-time clock (RTC) to the future, generate one-time passwords, and reset the clock to the current time. This allows the generation of valid future time-based one-time passwords without having further access to the hardware token. | |||||
CVE-2020-28597 | 1 Epignosishq | 1 Efront | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the password of an account of their choice. | |||||
CVE-2021-27211 | 1 Steghide Project | 1 Steghide | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to detect hidden data. |