Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-04 | CVE-2025-1953 | A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. high complexity CWE-330 | 2.6 |
| 2025-01-07 | CVE-2025-0218 | Use of Insufficiently Random Values vulnerability in Pgadmin Pgagent When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. | 7.1 |
| 2024-12-18 | CVE-2024-12432 | The WPC Shop as a Customer for WooCommerce plugin for WordPress is vulnerable to account takeover and privilege escalation in all versions up to, and including, 1.2.8. | 8.1 |
| 2024-11-21 | CVE-2024-52615 | A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. | 5.3 |
| 2024-08-19 | CVE-2024-6348 | Use of Insufficiently Random Values vulnerability in Nissan-Global Blind Spot Protection Sensor ECU Firmware Predictable seed generation in the security access mechanism of UDS in the Blind Spot Protection Sensor ECU in Nissan Altima (2022) allows attackers to predict the requested seeds and bypass security controls via repeated ECU resets and seed requests. | 7.5 |
| 2024-08-12 | CVE-2024-42164 | Use of Insufficiently Random Values vulnerability in Fiware Keyrock Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa link. | 4.3 |
| 2024-08-12 | CVE-2024-42165 | Use of Insufficiently Random Values vulnerability in Fiware Keyrock Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link. | 5.4 |
| 2024-08-12 | CVE-2024-7659 | Use of Insufficiently Random Values vulnerability in Projectsend A vulnerability, which was classified as problematic, was found in projectsend up to r1605. | 7.5 |
| 2024-07-01 | CVE-2024-21460 | Use of Insufficiently Random Values vulnerability in Qualcomm products Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space. | 6.5 |
| 2024-06-05 | CVE-2024-5149 | Use of Insufficiently Random Values vulnerability in Themekraft Buddyforms The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. | 5.3 |