Vulnerabilities > Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-05-23 | CVE-2024-5264 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Thalesgroup Luna EFT 2.1 Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis | 6.5 |
2024-04-15 | CVE-2024-31497 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. | 5.9 |
2024-02-08 | CVE-2024-23660 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Binance Trust Wallet 0.0.4 The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 2023. | 7.5 |
2024-01-16 | CVE-2023-45236 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Tianocore Edk2 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. | 7.5 |
2024-01-16 | CVE-2023-45237 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Tianocore Edk2 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. | 7.5 |
2023-11-15 | CVE-2023-48224 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Ethyca Fides Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. | 9.1 |
2023-10-19 | CVE-2023-27791 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Ixpdata Easyinstall 6.6.148840 An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG. | 8.1 |
2023-10-19 | CVE-2022-26943 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Motorola Mtm5400 Firmware and Mtm5500 Firmware The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using a tick count register as its sole entropy source. | 8.8 |
2023-08-09 | CVE-2023-39910 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Libbitcoin Explorer The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6.0 is weak, aka the Milk Sad issue. | 7.5 |
2023-07-07 | CVE-2023-36993 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Travianz Project Travianz 8.3.3/8.3.4 The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in the password reset function allows an attacker to guess the password reset.parameters and to take over accounts. | 9.8 |