Vulnerabilities > Use of Insufficiently Random Values

DATE CVE VULNERABILITY TITLE RISK
2022-11-15 CVE-2022-20941 Use of Insufficiently Random Values vulnerability in Cisco Firepower Management Center
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to access sensitive information.
network
low complexity
cisco CWE-330
5.3
2022-11-11 CVE-2022-3959 Use of Insufficiently Random Values vulnerability in Drogon
A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1.
network
low complexity
drogon CWE-330
5.3
2022-11-10 CVE-2022-36022 Use of Insufficiently Random Values vulnerability in Eclipse Deeplearning4J
Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM.
network
low complexity
eclipse CWE-330
5.3
2022-11-10 CVE-2022-42787 Use of Insufficiently Random Values vulnerability in WUT products
Multiple W&T products of the Comserver Series use a small number space for allocating sessions ids.
network
low complexity
wut CWE-330
8.8
2022-11-07 CVE-2022-44795 Use of Insufficiently Random Values vulnerability in Objectfirst Object First 1.0.7.712
An issue was discovered in Object First 1.0.7.712.
network
low complexity
objectfirst CWE-330
6.5
2022-10-06 CVE-2022-31008 Use of Insufficiently Random Values vulnerability in VMWare Rabbitmq
RabbitMQ is a multi-protocol messaging and streaming broker.
network
low complexity
vmware CWE-330
7.5
2022-09-28 CVE-2022-30935 Use of Insufficiently Random Values vulnerability in B2Evolution
An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password reset tokens for any user through the use of a bad randomness function.
network
low complexity
b2evolution CWE-330
critical
9.1
2022-09-26 CVE-2022-38970 Use of Insufficiently Random Values vulnerability in multiple products
ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control.
network
low complexity
iegeek hipcam CWE-330
6.5
2022-08-10 CVE-2022-30629 Use of Insufficiently Random Values vulnerability in multiple products
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
network
high complexity
golang fedoraproject netapp CWE-330
3.1
2022-07-12 CVE-2022-33707 Use of Insufficiently Random Values vulnerability in Samsung Find MY Mobile
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device.
network
low complexity
samsung CWE-330
5.0