Total
303 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-5885 | 2 Fedoraproject, Matrix | 2 Fedora, Synapse | 2023-11-07 | N/A |
| Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users. | ||||
| CVE-2019-5420 | 3 Debian, Fedoraproject, Rubyonrails | 3 Debian Linux, Fedora, Rails | 2023-11-07 | 9.8 Critical |
| A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit. | ||||
| CVE-2019-1549 | 1 Openssl | 1 Openssl | 2023-11-07 | 5.3 Medium |
| OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). | ||||
| CVE-2019-1543 | 1 Openssl | 1 Openssl | 2023-11-07 | N/A |
| ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. OpenSSL versions 1.1.1 and 1.1.0 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b). Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j). | ||||
| CVE-2019-12821 | 1 Jisiwei | 2 I3, I3 Firmware | 2023-11-07 | N/A |
| A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. The QR-code follows an easily predictable pattern that depends only on the specific device ID of the robot vacuum cleaner. By generating a QR-code containing information about the device ID, it is possible to connect an arbitrary device and gain full access to it. The device ID has an initial "JSW" substring followed by a six digit number that depends on the specific device. | ||||
| CVE-2019-10084 | 1 Apache | 1 Impala | 2023-11-07 | 7.5 High |
| In Apache Impala 2.7.0 to 3.2.0, an authenticated user with access to the IDs of active Impala queries or sessions can interact with those sessions or queries via a specially-constructed request and thereby potentially bypass authorization and audit mechanisms. Session and query IDs are unique and random, but have not been documented or consistently treated as sensitive secrets. Therefore they may be exposed in logs or interfaces. They were also not generated with a cryptographically secure random number generator, so are vulnerable to random number generator attacks that predict future IDs based on past IDs. Impala deployments with Apache Sentry or Apache Ranger authorization enabled may be vulnerable to privilege escalation if an authenticated attacker is able to hijack a session or query from another authenticated user with privileges not assigned to the attacker. Impala deployments with audit logging enabled may be vulnerable to incorrect audit logging as a user could undertake actions that were logged under the name of a different authenticated user. Constructing an attack requires a high degree of technical sophistication and access to the Impala system as an authenticated user. | ||||
| CVE-2023-31147 | 2 C-ares Project, Fedoraproject | 2 C-ares, Fedora | 2023-10-31 | 6.5 Medium |
| c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the random number generator is fed into a non-compilant RC4 implementation and may not be as strong as the original RC4 implementation. No attempt is made to look for modern OS-provided CSPRNGs like arc4random() that is widely available. This issue has been fixed in version 1.19.1. | ||||
| CVE-2023-31124 | 2 C-ares Project, Fedoraproject | 2 C-ares, Fedora | 2023-10-31 | 3.7 Low |
| c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1. | ||||
| CVE-2020-27213 | 1 Ethernut | 1 Nut\/os | 2023-10-27 | 7.5 High |
| An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. While the ISN generator seems to adhere to RFC 793 (where a global 32-bit counter is incremented roughly every 4 microseconds), proper ISN generation should aim to follow at least the specifications outlined in RFC 6528. | ||||
| CVE-2020-2099 | 1 Jenkins | 1 Jenkins | 2023-10-25 | 8.6 High |
| Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents. | ||||
| CVE-2020-27635 | 1 Capgemini | 1 Picotcp | 2023-10-13 | 9.1 Critical |
| In PicoTCP 1.7.0, TCP ISNs are improperly random. | ||||
| CVE-2020-27631 | 1 Oryx-embedded | 1 Cyclonetcp | 2023-10-13 | 9.8 Critical |
| In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random. | ||||
| CVE-2020-27630 | 1 Silabs | 1 Uc\/tcp-ip | 2023-10-13 | 9.8 Critical |
| In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random. | ||||
| CVE-2020-27633 | 1 Butok | 1 Fnet | 2023-10-13 | 9.1 Critical |
| In FNET 4.6.3, TCP ISNs are improperly random. | ||||
| CVE-2020-27634 | 1 Contiki-ng | 1 Contiki-ng | 2023-10-13 | 9.1 Critical |
| In Contiki 4.5, TCP ISNs are improperly random. | ||||
| CVE-2020-27636 | 1 Microchip | 1 Mplab Network Creator | 2023-10-13 | 9.1 Critical |
| In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random. | ||||
| CVE-2020-17470 | 1 Butok | 1 Fnet | 2023-10-12 | 5.3 Medium |
| An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1 in _fnet_dns_poll in fnet_dns.c). This significantly simplifies DNS cache poisoning attacks. | ||||
| CVE-2023-4344 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-09-16 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection | ||||
| CVE-2023-41879 | 1 Openmage | 1 Magento | 2023-09-15 | 7.5 High |
| Magento LTS is the official OpenMage LTS codebase. Guest orders may be viewed without authentication using a "guest-view" cookie which contains the order's "protect_code". This code is 6 hexadecimal characters which is arguably not enough to prevent a brute-force attack. Exposing each order would require a separate brute force attack. This issue has been patched in versions 19.5.1 and 20.1.1. | ||||
| CVE-2023-34353 | 1 Openautomationsoftware | 1 Oas Platform | 2023-09-08 | 7.5 High |
| An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability. | ||||