Vulnerabilities > Insufficient Entropy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-08 | CVE-2021-41615 | Insufficient Entropy vulnerability in Embedthis Goahead 2.1.8 websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded onceuponatimeinparadise value, which does not follow the secret-data guideline for HTTP Digest Access Authentication in RFC 7616 section 3.3 (or RFC 2617 section 3.2.1). | 9.8 |
| 2022-07-11 | CVE-2020-29505 | Insufficient Entropy vulnerability in multiple products Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability. | 7.5 |
| 2022-06-16 | CVE-2022-33756 | Insufficient Entropy vulnerability in Broadcom CA Automic Automation 12.2/12.3 CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data. | 7.5 |
| 2022-01-28 | CVE-2021-22799 | Insufficient Entropy vulnerability in Schneider-Electric Software Update 2.3.0/2.3.1/2.5.1 A CWE-331: Insufficient Entropy vulnerability exists that could cause unintended connection from an internal network to an external network when an attacker manages to decrypt the SESU proxy password from the registry. | 3.8 |
| 2021-12-20 | CVE-2021-42138 | Insufficient Entropy vulnerability in Thalesgroup Safenet Windows Logon Agent A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine. | 6.5 |
| 2021-09-02 | CVE-2021-31798 | Insufficient Entropy vulnerability in Cyberark Credential Provider The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files. | 4.4 |
| 2021-09-02 | CVE-2021-31797 | Insufficient Entropy vulnerability in Cyberark Credential Provider The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure. | 5.1 |
| 2021-08-18 | CVE-2020-25926 | Insufficient Entropy vulnerability in Hcc-Embedded Nichestack Tcp/Ip 4.0.1 The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. | 7.5 |
| 2021-07-19 | CVE-2021-33027 | Insufficient Entropy vulnerability in Sylabs Singularity Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce. | 9.8 |
| 2021-05-11 | CVE-2021-29471 | Insufficient Entropy vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 5.3 |