Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-25 | CVE-2021-45487 | Use of Insufficiently Random Values vulnerability in Netbsd In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures. | 7.5 |
| 2021-12-25 | CVE-2021-45488 | Use of Insufficiently Random Values vulnerability in Netbsd In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. | 7.5 |
| 2021-12-13 | CVE-2021-44151 | Use of Insufficiently Random Values vulnerability in Reprisesoftware Reprise License Manager 14.2 An issue was discovered in Reprise RLM 14.2. | 7.5 |
| 2021-12-09 | CVE-2021-41694 | Use of Insufficiently Random Values vulnerability in Globaldatingsoftware Premiumdatingscript 4.2.7.7 An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php. | 9.8 |
| 2021-11-22 | CVE-2021-38377 | Use of Insufficiently Random Values vulnerability in Open-Xchange OX APP Suite 7.10.5 OX App Suite through 7.10.5 allows XSS via JavaScript code in an anchor HTML comment within truncated e-mail, because there is a predictable UUID with HTML transformation results. | 6.1 |
| 2021-11-16 | CVE-2021-26322 | Use of Insufficiently Random Values vulnerability in AMD products Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”. | 7.5 |
| 2021-11-08 | CVE-2021-28024 | Use of Insufficiently Random Values vulnerability in Servicetonic Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows attacker to login without using a password. | 9.8 |
| 2021-10-29 | CVE-2021-22038 | Use of Insufficiently Random Values vulnerability in VMWare Installbuilder On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). | 8.8 |
| 2021-09-30 | CVE-2021-41829 | Use of Insufficiently Random Values vulnerability in Zohocorp Manageengine Remote Access Plus Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number to calculate a certain encryption key. | 7.5 |
| 2021-09-15 | CVE-2021-41061 | Use of Insufficiently Random Values vulnerability in Riot-Os Riot 2021.01 In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component allows attackers to break encryption by triggering reboots. | 5.5 |