CWE-335 CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2016-3735	1 Piwigo	1 Piwigo	2024-11-21	8.1 High
Piwigo is image gallery software written in PHP. When a criteria is not met on a host, piwigo defaults to usingmt_rand in order to generate password reset tokens. mt_rand output can be predicted after recovering the seed used to generate it. This low an unauthenticated attacker to take over an account providing they know an administrators email address in order to be able to request password reset.
CVE-2012-1577	3 Debian, Dietlibc Project, Openbsd	3 Debian Linux, Dietlibc, Openbsd	2024-11-21	9.8 Critical
lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.

« first previous Page 3 of 3.