Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-03 | CVE-2023-1385 | Use of Insufficiently Random Values vulnerability in Amazon Fire OS Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS 7.6.3.3. | 8.8 |
| 2023-04-29 | CVE-2023-2418 | Use of Insufficiently Random Values vulnerability in Konghq Kong 2.8.3 A vulnerability was found in Konga 2.8.3 on Kong. | 5.9 |
| 2023-04-19 | CVE-2023-30797 | Use of Insufficiently Random Values vulnerability in Netflix Lemur Netflix Lemur before version 1.3.2 used insufficiently random values when generating default credentials. | 7.5 |
| 2023-03-16 | CVE-2022-26080 | Use of Insufficiently Random Values vulnerability in ABB products Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415. | 4.3 |
| 2023-03-14 | CVE-2022-39216 | Use of Insufficiently Random Values vulnerability in Combodo Itop Combodo iTop is an open source, web-based IT service management platform. | 9.8 |
| 2023-02-23 | CVE-2023-20016 | Use of Insufficiently Random Values vulnerability in Cisco products A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. | 6.5 |
| 2023-02-10 | CVE-2022-43501 | Use of Insufficiently Random Values vulnerability in Elwsc products KASAGO TCP/IP stack provided by Zuken Elmic generates ISNs(Initial Sequence Number) for TCP connections from an insufficiently random source. | 9.1 |
| 2023-01-20 | CVE-2023-22912 | Use of Insufficiently Random Values vulnerability in Mediawiki An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. | 5.3 |
| 2023-01-12 | CVE-2023-22601 | Use of Insufficiently Random Values vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. | 8.6 |
| 2023-01-12 | CVE-2017-5242 | Use of Insufficiently Random Values vulnerability in Rapid7 Insightvm Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. | 7.7 |