Vulnerabilities > Insufficient Entropy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-31176 | Insufficient Entropy vulnerability in Selinc Sel-451 Firmware An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details. | 9.8 |
| 2023-10-25 | CVE-2023-31582 | Insufficient Entropy vulnerability in Jose4J Project Jose4J jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less. | 7.5 |
| 2023-08-24 | CVE-2023-34973 | Insufficient Entropy vulnerability in Qnap QTS and Quts Hero An insufficient entropy vulnerability has been reported to affect QNAP operating systems. | 5.3 |
| 2023-08-01 | CVE-2023-38357 | Insufficient Entropy vulnerability in RWS Worldserver 11.7.3 Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated, leading to unauthorized access to user sessions. | 5.3 |
| 2023-07-03 | CVE-2023-36610 | Insufficient Entropy vulnerability in Ovarro products ?The affected TBox RTUs generate software security tokens using insufficient entropy. | 5.9 |
| 2023-06-20 | CVE-2023-3325 | Insufficient Entropy vulnerability in Cmscommander CMS Commander The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the 'cmsc_add_site' function in versions up to, and including, 2.287. | 9.8 |
| 2023-02-07 | CVE-2022-43755 | Insufficient Entropy vulnerability in Suse Rancher A Insufficient Entropy vulnerability in SUSE Rancher allows attackers that gained knowledge of the cattle-token to continue abusing this even after the token was renewed. | 9.8 |
| 2022-12-27 | CVE-2021-4238 | Randomly-generated alphanumeric strings contain significantly less entropy than expected. | 9.1 |
| 2022-08-15 | CVE-2022-34294 | Insufficient Entropy vulnerability in Totd Project Totd 1.5.3 totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. | 9.8 |
| 2022-08-15 | CVE-2022-37401 | Insufficient Entropy vulnerability in Apache Openoffice Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. | 8.8 |