Common Weakness Enumeration

CWE-331

Allowed

Insufficient Entropy

Abstraction: Base · Status: Draft

The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

207 vulnerabilities reference this CWE, most recent first.

GHSA-PRXV-HGR8-WHHF

Vulnerability from github – Published: 2022-05-13 01:06 – Updated: 2022-05-13 01:06
VLAI
Details

The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 generates session cookies with insufficient entropy, which makes it easier for remote attackers to hijack sessions via a brute-force attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2014-8422"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-12T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 generates session cookies with insufficient entropy, which makes it easier for remote attackers to hijack sessions via a brute-force attack.",
  "id": "GHSA-prxv-hgr8-whhf",
  "modified": "2022-05-13T01:06:06Z",
  "published": "2022-05-13T01:06:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8422"
    },
    {
      "type": "WEB",
      "url": "https://networks.unify.com/security/advisories/OBSO-1501-02.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.modzero.ch/advisories/MZ-14-02-Siemens-Unify-OpenStage.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QCVP-8FMP-WRF6

Vulnerability from github – Published: 2023-06-20 06:31 – Updated: 2024-04-04 04:58
VLAI
Details

The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the 'cmsc_add_site' function in versions up to, and including, 2.287. This makes it possible for unauthenticated attackers to the plugin to change the '_cmsc_public_key' in the plugin config, providing access to the plugin's remote control functionalities, such as creating an admin access URL, which can be used for privilege escalation. This can only be exploited if the plugin has not been configured yet, however, if combined with another arbitrary plugin installation and activation vulnerability, the impact can be severe.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3325"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331",
      "CWE-345"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-20T05:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the \u0027cmsc_add_site\u0027 function in versions up to, and including, 2.287. This makes it possible for unauthenticated attackers to the plugin to change the \u0027_cmsc_public_key\u0027 in the plugin config, providing access to the plugin\u0027s remote control functionalities, such as creating an admin access URL, which can be used for privilege escalation. This can only be exploited if the plugin has not been configured yet, however, if combined with another arbitrary plugin installation and activation vulnerability, the impact can be severe.",
  "id": "GHSA-qcvp-8fmp-wrf6",
  "modified": "2024-04-04T04:58:10Z",
  "published": "2023-06-20T06:31:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3325"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/cms-commander-client/tags/2.287/init.php#L88"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset/2927811/cms-commander-client"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca37d453-9f9a-46b2-a17f-65a16e3e2ed1?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QJXF-MC72-WJR2

Vulnerability from github – Published: 2024-09-17 21:31 – Updated: 2024-09-20 20:20
VLAI
Summary
Devise-Two-Factor Authentication Uses Insufficient Default OTP Shared Secret Length
Details

Summary

Under the default configuration, Devise-Two-Factor versions 1.0.0 or >= 4.0.0 & < 6.0.0 generate TOTP shared secrets that are 120 bits instead of the 128-bit minimum defined by RFC 4226. Using a shared secret shorter than the minimum to generate a multi-factor authentication code could make it easier for an attacker to guess the shared secret and generate valid TOTP codes.

Remediation

Devise-Two-Factor should be upgraded to version v6.0.0 as soon as possible. After upgrading, the length of shared secrets and TOTP URLs generated by the library will increase since the new shared secrets will be longer.

If upgrading is not possible, you can override the default otp_secret_length attribute in the model when configuring two_factor_authenticable and set it to a value of at least 26 to ensure newly generated shared secrets are at least 128-bits long.

After upgrading or implementing the workaround, applications using Devise-Two-Factor may wish to migrate users to the new OTP length to provide increased protection for those accounts. Turning off OTP for users by setting otp_required_for_login to false is not recommended since it would leave accounts unprotected. However, you may wish to implement application logic that checks the length of a user's shared secret and prompts users to re-enroll in OTP.

Background

Devise-Two-Factor uses ROTP to generate shared secrets for TOTP. In ROTP < 5.0.0, the first argument to the ROTP::Base32#random_base32 function represented the number of bytes to read from SecureRandom which were then returned as a base32-encoded string. In ROTP 5.1.0, this function was changed so that the first argument now represents the length of the base32-encoded string returned by the function instead of the number of bytes to read from SecureRandom resulting in a shorter key being generated for the same input value. (https://github.com/mdp/rotp/commit/15d5104e3cb99f97d36c772f8f09cf7e2e77de20).

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "devise-two-factor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "6.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "devise-two-factor"
      },
      "versions": [
        "1.0.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2024-8796"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-09-17T21:31:50Z",
    "nvd_published_at": "2024-09-17T18:15:05Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nUnder the default configuration, Devise-Two-Factor versions 1.0.0 or \u003e= 4.0.0 \u0026 \u003c 6.0.0 generate TOTP shared secrets that are 120 bits instead of the 128-bit minimum defined by [RFC 4226](https://datatracker.ietf.org/doc/html/rfc4226). Using a shared secret shorter than the minimum to generate a multi-factor authentication code could make it easier for an attacker to guess the shared secret and generate valid TOTP codes.\n\n### Remediation\nDevise-Two-Factor should be upgraded to version v6.0.0 as soon as possible. After upgrading, the length of shared secrets and TOTP URLs generated by the library will increase since the new shared secrets will be longer.\n\nIf upgrading is not possible, you can override the default `otp_secret_length` attribute in the model when configuring `two_factor_authenticable` and set it to a value of at least 26 to ensure newly generated shared secrets are at least 128-bits long.\n\nAfter upgrading or implementing the workaround, applications using Devise-Two-Factor may wish to migrate users to the new OTP length to provide increased protection for those accounts. Turning off OTP for users by setting `otp_required_for_login` to false is not recommended since it would leave accounts unprotected. However, you may wish to implement application logic that checks the length of a user\u0027s shared secret and prompts users to re-enroll in OTP.\n\n### Background\nDevise-Two-Factor uses [ROTP](https://github.com/mdp/rotp) to generate shared secrets for TOTP. In ROTP \u003c 5.0.0, the first argument to the `ROTP::Base32#random_base32` function represented the number of bytes to read from SecureRandom which were then returned as a base32-encoded string. In ROTP 5.1.0, this function was changed so that the first argument now represents the length of the base32-encoded string returned by the function instead of the number of bytes to read from SecureRandom resulting in a shorter key being generated for the same input value. (https://github.com/mdp/rotp/commit/15d5104e3cb99f97d36c772f8f09cf7e2e77de20).",
  "id": "GHSA-qjxf-mc72-wjr2",
  "modified": "2024-09-20T20:20:41Z",
  "published": "2024-09-17T21:31:50Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/devise-two-factor/devise-two-factor/security/advisories/GHSA-qjxf-mc72-wjr2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8796"
    },
    {
      "type": "WEB",
      "url": "https://github.com/devise-two-factor/devise-two-factor/commit/cc6f34423d9c6af9f3e02be478c3c40dc7462e19"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/devise-two-factor/devise-two-factor"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Devise-Two-Factor Authentication Uses Insufficient Default OTP Shared Secret Length"
}

GHSA-QRGC-H67X-RJ3X

Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53
VLAI
Details

A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-8435"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-09-13T00:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka \"Windows Hyper-V Security Feature Bypass Vulnerability.\" This affects Windows Server 2016, Windows 10, Windows 10 Servers.",
  "id": "GHSA-qrgc-h67x-rj3x",
  "modified": "2022-05-13T01:53:42Z",
  "published": "2022-05-13T01:53:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8435"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8435"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105240"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041624"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R2Q3-HJC8-7X6Q

Vulnerability from github – Published: 2026-05-16 00:31 – Updated: 2026-05-16 03:31
VLAI
Details

Crypt::DSA versions before 1.20 for Perl generate seeds using rand.

Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-8700"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-15T22:16:57Z",
    "severity": null
  },
  "details": "Crypt::DSA versions before 1.20 for Perl generate seeds using rand.\n\nSeeds were generated using Perl\u0027s built-in rand function, which is predictable and unsuitable for security usage.",
  "id": "GHSA-r2q3-hjc8-7x6q",
  "modified": "2026-05-16T03:31:27Z",
  "published": "2026-05-16T00:31:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8700"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/changes"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/diff/TIMLEGGE/Crypt-DSA-1.19#lib/Crypt/DSA/KeyChain.pm"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/05/15/26"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-R3V4-HRWM-CXM5

Vulnerability from github – Published: 2025-12-05 06:31 – Updated: 2025-12-05 06:31
VLAI
Details

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-32898"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-05T05:16:58Z",
    "severity": "MODERATE"
  },
  "details": "The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.",
  "id": "GHSA-r3v4-hrwm-cxm5",
  "modified": "2025-12-05T06:31:30Z",
  "published": "2025-12-05T06:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32898"
    },
    {
      "type": "WEB",
      "url": "https://kde.org/info/security/advisory-20250418-3.txt"
    },
    {
      "type": "WEB",
      "url": "https://kdeconnect.kde.org"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R5R9-27M2-2JG7

Vulnerability from github – Published: 2022-05-03 03:19 – Updated: 2022-05-03 03:19
VLAI
Details

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2008-1447"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-07-08T23:41:00Z",
    "severity": "MODERATE"
  },
  "details": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\"",
  "id": "GHSA-r5r9-27m2-2jg7",
  "modified": "2022-05-03T03:19:14Z",
  "published": "2022-05-03T03:19:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/6122"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/6123"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/6130"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html"
    },
    {
      "type": "WEB",
      "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=121630706004256\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=121866517322103\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=123324863916385\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30925"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30973"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30977"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30979"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30980"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30988"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30989"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30998"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31011"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31012"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31014"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31019"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31022"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31030"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31031"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31033"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31052"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31065"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31072"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31093"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31094"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31137"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31143"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31151"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31152"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31153"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31169"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31197"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31199"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31204"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31207"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31209"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31212"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31213"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31221"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31236"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31237"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31254"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31326"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31354"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31422"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31430"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31451"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31482"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31495"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31588"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31687"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31823"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31882"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31900"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33178"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33714"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33786"
    },
    {
      "type": "WEB",
      "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.452680"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.539239"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3026"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3129"
    },
    {
      "type": "WEB",
      "url": "http://support.citrix.com/article/CTX117991"
    },
    {
      "type": "WEB",
      "url": "http://support.citrix.com/article/CTX118183"
    },
    {
      "type": "WEB",
      "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=762152"
    },
    {
      "type": "WEB",
      "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018"
    },
    {
      "type": "WEB",
      "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"
    },
    {
      "type": "WEB",
      "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1603"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1604"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1605"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1619"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1623"
    },
    {
      "type": "WEB",
      "url": "http://www.doxpara.com/?p=1176"
    },
    {
      "type": "WEB",
      "url": "http://www.doxpara.com/DMK_BO2K8.ppt"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672"
    },
    {
      "type": "WEB",
      "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=40"
    },
    {
      "type": "WEB",
      "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/800113"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139"
    },
    {
      "type": "WEB",
      "url": "http://www.nominum.com/asset_upload_file741_2661.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/support/viewContent.do?externalId=7000912"
    },
    {
      "type": "WEB",
      "url": "http://www.openbsd.org/errata42.html#013_bind"
    },
    {
      "type": "WEB",
      "url": "http://www.openbsd.org/errata43.html#004_bind"
    },
    {
      "type": "WEB",
      "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"
    },
    {
      "type": "WEB",
      "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html"
    },
    {
      "type": "WEB",
      "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html"
    },
    {
      "type": "WEB",
      "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/30131"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020437"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020438"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020440"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020448"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020449"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020548"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020558"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020560"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020561"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020575"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020576"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020577"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020578"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020579"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020651"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020653"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020702"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020802"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020804"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-622-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-627-1"
    },
    {
      "type": "WEB",
      "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2019/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2023/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2025/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2029/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2030/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2050/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2051/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2052/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2055/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2092/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2113/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2114/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2123/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2139/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2166/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2195/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2196/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2197/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2268"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2291"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2334"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2342"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2377"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2383"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2384"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2466"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2467"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2482"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2525"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2549"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2558"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2582"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2584"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0297"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0311"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0622"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R6X4-QP59-VF35

Vulnerability from github – Published: 2026-05-12 15:31 – Updated: 2026-05-14 18:32
VLAI
Details

CWE‑331 Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session‑management protections.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4827"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-12T13:17:35Z",
    "severity": "HIGH"
  },
  "details": "CWE\u2011331 Insufficient Entropy vulnerability exists that could lead to unauthorized access when an attacker on the network can exploit weaknesses in session\u2011management protections.",
  "id": "GHSA-r6x4-qp59-vf35",
  "modified": "2026-05-14T18:32:47Z",
  "published": "2026-05-12T15:31:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4827"
    },
    {
      "type": "WEB",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-132-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2026-132-02.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-RF22-J4Q7-F2F8

Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2022-05-13 01:23
VLAI
Details

Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-9555"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-05T23:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.",
  "id": "GHSA-rf22-j4q7-f2f8",
  "modified": "2022-05-13T01:23:04Z",
  "published": "2022-05-13T01:23:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9555"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/fulldisclosure/2019/Mar/12"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RF68-2835-83VW

Vulnerability from github – Published: 2022-05-24 16:55 – Updated: 2024-04-04 01:52
VLAI
Details

The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-15847"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-02T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.",
  "id": "GHSA-rf68-2835-83vw",
  "modified": "2024-04-04T01:52:18Z",
  "published": "2022-05-24T16:55:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15847"
    },
    {
      "type": "WEB",
      "url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Determine the necessary entropy to adequately provide for randomness and predictability. This can be achieved by increasing the number of bits of objects such as keys and seeds.

CAPEC-59: Session Credential Falsification through Prediction

This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.