Vulnerabilities > Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-26 | CVE-2024-45723 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Gotenna The goTenna Pro ATAK Plugin does not use SecureRandom when generating passwords for sharing cryptographic keys. | 6.5 |
2024-09-26 | CVE-2024-47126 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Gotenna PRO The goTenna Pro App does not use SecureRandom when generating passwords for sharing cryptographic keys. | 8.8 |
2024-05-23 | CVE-2024-5264 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Thalesgroup Luna EFT 2.1 Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis | 6.5 |
2024-04-15 | CVE-2024-31497 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. | 5.9 |
2024-02-08 | CVE-2024-23660 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Binance Trust Wallet 0.0.4 The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 2023. | 7.5 |
2024-01-16 | CVE-2023-45236 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Tianocore Edk2 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. | 7.5 |
2024-01-16 | CVE-2023-45237 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Tianocore Edk2 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. | 7.5 |
2023-10-19 | CVE-2023-27791 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Ixpdata Easyinstall 6.6.148840 An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG. | 8.1 |
2023-10-19 | CVE-2022-26943 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Motorola Mtm5400 Firmware and Mtm5500 Firmware The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using a tick count register as its sole entropy source. | 8.8 |
2023-08-09 | CVE-2023-39910 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Libbitcoin Explorer The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6.0 is weak, aka the Milk Sad issue. | 7.5 |