Search Vulnerabilities

haxtheweb/haxcms-php uses insecure method for generating salt

Hardcoded Cryptographic Keys and Weak IV Generation in linqi

Weak Randomness / Insecure Cryptographic Primitive (CWE-338) in Get-RandomPassword in BOSH-Ecosystem / windows-utilities-release allows a network a...

Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available

Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts

Magento LTS: Weak API Session ID — Predictable MD5 of Time-Derived Inputs

Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure session ids

Amazon::Credentials versions through 1.2.0 for Perl uses rand to generate encryption keys

WebDyne::Session versions through 2.075 for Perl generates the session id insecurely

Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts

RELATE: Predictable Token Generation in auth.py and exam.py

Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely

SmarterTools SmarterMail < Build 9610 Cryptographic Weakness via Weak RNG

CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking

Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts

Solstice::Session versions through 1440 for Perl generates session ids insecurely

Ado::Sessions versions through 0.935 for Perl generates insecure session ids

Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id

Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding)

PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely