Vulnerabilities > Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-06	CVE-2023-32549	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Canonical Landscape Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator. network low complexity canonical CWE-338	7.5
2023-05-25	CVE-2023-2884	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Cbot Core and Cbot Panel Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. network low complexity cbot CWE-338 critical	9.8
2023-04-27	CVE-2023-31290	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Trustwallet Trust Wallet Browser Extension and Trust Wallet Core Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. network high complexity trustwallet CWE-338	5.9
2023-03-28	CVE-2023-28395	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Propumpservice Osprey Pump Controller Firmware 1.01 Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm that can be predicted and can aid in authentication and authorization bypass. network low complexity propumpservice CWE-338	7.5
2023-02-08	CVE-2023-24828	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Onedev Project Onedev Onedev is a self-hosted Git Server with CI/CD and Kanban. network low complexity onedev-project CWE-338	8.8
2023-02-01	CVE-2022-45782	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Dotcms An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. network low complexity dotcms CWE-338	8.8
2022-12-06	CVE-2022-23472	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Passeo Project Passeo Passeo is an open source python password generator. network low complexity passeo-project CWE-338	7.5
2022-12-05	CVE-2022-35255	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. network low complexity nodejs siemens debian CWE-338 critical	9.1
2022-11-07	CVE-2022-44796	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Objectfirst Object First 1.0.7.712 An issue was discovered in Object First Ootbi BETA build 1.0.7.712. network low complexity objectfirst CWE-338 critical	9.8
2022-10-11	CVE-2022-41210	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in SAP Customer Data Cloud 7.4 SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number generator program which makes it easy for the attacker to predict future random numbers. low complexity sap CWE-338	5.2