Vulnerabilities > Insufficient Entropy
|2021-07-21||CVE-2021-22727||A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V184.108.40.206), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V220.127.116.11), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V18.104.22.168 ) that could allow an attacker to gain unauthorized access to the charging station web server|| 0.0 |
|2021-04-19||CVE-2021-3505|| Insufficient Entropy vulnerability in multiple products |
A flaw was found in libtpms in versions before 0.8.0.
| 2.1 |
|2020-06-19||CVE-2017-18883|| Insufficient Entropy vulnerability in Mattermost Server |
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2, when serving as an OAuth 2.0 Service Provider.
| 6.4 |
|2020-06-09||CVE-2020-11957|| Insufficient Entropy vulnerability in Cypress Psoc 4.2 BLE |
The Bluetooth Low Energy implementation in Cypress PSoC Creator BLE 4.2 component versions before 3.64 generates a random number (Pairing Random) with significantly less entropy than the specified 128 bits during BLE pairing.
| 5.4 |
|2020-05-08||CVE-2020-12735|| Insufficient Entropy vulnerability in Domainmod 4.13.0 |
reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover.
| 7.5 |
|2020-03-27||CVE-2020-1773|| Insufficient Entropy vulnerability in Otrs |
An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords.
| 5.5 |
|2020-02-28||CVE-2015-3006|| Insufficient Entropy vulnerability in Juniper Junos |
On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates.
| 6.8 |
|2020-02-28||CVE-2019-10064|| Insufficient Entropy vulnerability in W1.Fi Hostapd |
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values.
| 5.0 |
|2020-01-30||CVE-2015-8851|| Insufficient Entropy vulnerability in Node-Uuid Project Node-Uuid |
node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing.
| 5.0 |
|2019-11-04||CVE-2013-2260|| Insufficient Entropy vulnerability in Cryptocat Project Cryptocat |
Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
| 5.0 |