Vulnerabilities > Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-08 | CVE-2024-23660 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Binance Trust Wallet 0.0.4 The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 2023. | 7.5 |
| 2024-01-16 | CVE-2023-45236 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Tianocore Edk2 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. | 7.5 |
| 2024-01-16 | CVE-2023-45237 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Tianocore Edk2 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. | 7.5 |
| 2023-11-15 | CVE-2023-48224 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Ethyca Fides Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. | 9.1 |
| 2023-10-19 | CVE-2023-27791 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Ixpdata Easyinstall 6.6.148840 An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG. | 8.1 |
| 2023-10-19 | CVE-2022-26943 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Motorola Mtm5400 Firmware and Mtm5500 Firmware The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using a tick count register as its sole entropy source. | 8.8 |
| 2023-08-09 | CVE-2023-39910 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Libbitcoin Explorer The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6.0 is weak, aka the Milk Sad issue. | 7.5 |
| 2023-07-07 | CVE-2023-36993 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Travianz Project Travianz 8.3.3/8.3.4 The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in the password reset function allows an attacker to guess the password reset.parameters and to take over accounts. | 9.8 |
| 2023-06-19 | CVE-2022-48506 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Dominionvoting Democracy Suite A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of scenarios. | 2.4 |
| 2023-06-09 | CVE-2023-34363 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Progress Datadirect Odbc Oracle Wire Protocol Driver An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. | 5.9 |