Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Coturn has unsafe nonce and relay port randomization due to weak random number generation.
FreshRSS has weak cryptographic randomness in remember-me token and nonce generation
Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG use of Cryptographically Weak Pseudo-Random Number Generator
WBCE CMS has Weak Random Number Generator in Password Generation Function
Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values
Apache Druid: Kerberos authenticaton chooses a cryptographically unsecure secret if not configured explicitly.
Jumo: Insufficient entropy in PRNG may lead to root access
Crypt::RandomEncryption for Perl uses insecure rand() function during encryption
Starch versions 0.14 and earlier generate session ids insecurely
Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl use insecurely generated nonces
Vision UI's security-kit Contains Cryptographic Weakness
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely
Authen::DigestMD5 versions 0.01 through 0.04 for Perl generate the cnonce insecurely
Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely
Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha text
Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens
Mojolicious versions from 7.28 for Perl will generate weak HMAC session cookie secrets via "mojo generate app" by default
Formidable (aka node-formidable) 2
Showing 1 - 20 of 1,000+ results