Vulnerabilities > Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-07 | CVE-2023-36993 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Travianz Project Travianz 8.3.3/8.3.4 The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in the password reset function allows an attacker to guess the password reset.parameters and to take over accounts. | 9.8 |
| 2023-06-19 | CVE-2022-48506 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Dominionvoting Democracy Suite A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of scenarios. | 2.4 |
| 2023-06-09 | CVE-2023-34363 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Progress Datadirect Odbc Oracle Wire Protocol Driver An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. | 5.9 |
| 2023-06-06 | CVE-2023-32549 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Canonical Landscape Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator. | 7.5 |
| 2023-04-27 | CVE-2023-31290 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Trustwallet Trust Wallet Browser Extension and Trust Wallet Core Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. | 5.9 |
| 2023-03-28 | CVE-2023-28395 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01 Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm that can be predicted and can aid in authentication and authorization bypass. | 7.5 |
| 2023-02-01 | CVE-2022-45782 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Dotcms An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. | 8.8 |
| 2022-12-05 | CVE-2022-35255 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. | 9.1 |
| 2022-11-07 | CVE-2022-44796 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Objectfirst Object First 1.0.7.712 An issue was discovered in Object First Ootbi BETA build 1.0.7.712. | 9.8 |
| 2022-09-18 | CVE-2022-40769 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Profanity Project Profanity profanity through 1.60 has only four billion possible RNG initializations. | 7.5 |