Vulnerabilities > Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-04 | CVE-2021-23126 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Joomla Joomla! An issue was discovered in Joomla! 3.2.0 through 3.9.24. | 5.3 |
2020-12-31 | CVE-2020-35926 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Nanorand Project Nanorand An issue was discovered in the nanorand crate before 0.5.1 for Rust. | 7.5 |
2020-11-19 | CVE-2020-28924 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products An issue was discovered in Rclone before 1.53.3. | 7.5 |
2020-11-16 | CVE-2020-28642 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Infinitewp 2.4.2/2.4.3 In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks. | 7.5 |
2020-03-20 | CVE-2019-15075 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Inextrix Astpp An issue was discovered in iNextrix ASTPP before 4.0.1. | 5.0 |
2019-12-13 | CVE-2019-19794 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Miekg-Dns Project Miekg-Dns The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. | 4.3 |
2019-11-05 | CVE-2019-8113 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Magento Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 uses cryptographically weak random number generator to brute-force the confirmation code for customer registration. | 5.0 |
2019-10-31 | CVE-2012-6124 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Call-Cc Chicken A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. | 5.0 |
2019-09-26 | CVE-2015-9435 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Dash10 Oauth Server The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers. | 7.5 |
2019-09-23 | CVE-2019-10755 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Pac4J The SAML identifier generated within SAML2Utils.java was found to make use of the apache commons-lang3 RandomStringUtils class which makes them predictable due to RandomStringUtils PRNG's algorithm not being cryptographically strong. | 4.0 |