Vulnerabilities > Use of Insufficiently Random Values
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-09 | CVE-2021-41694 | Use of Insufficiently Random Values vulnerability in Globaldatingsoftware Premiumdatingscript 4.2.7.7 An Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\user.php. | 9.8 |
2021-11-22 | CVE-2021-38377 | Use of Insufficiently Random Values vulnerability in Open-Xchange OX APP Suite 7.10.5 OX App Suite through 7.10.5 allows XSS via JavaScript code in an anchor HTML comment within truncated e-mail, because there is a predictable UUID with HTML transformation results. | 6.1 |
2021-11-16 | CVE-2021-26322 | Use of Insufficiently Random Values vulnerability in AMD products Persistent platform private key may not be protected with a random IV leading to a potential “two time pad attack”. | 7.5 |
2021-11-08 | CVE-2021-28024 | Use of Insufficiently Random Values vulnerability in Servicetonic Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows attacker to login without using a password. | 9.8 |
2021-10-29 | CVE-2021-22038 | Use of Insufficiently Random Values vulnerability in VMWare Installbuilder On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). | 8.8 |
2021-09-30 | CVE-2021-41829 | Use of Insufficiently Random Values vulnerability in Zohocorp Manageengine Remote Access Plus Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number to calculate a certain encryption key. | 7.5 |
2021-09-15 | CVE-2021-41061 | Use of Insufficiently Random Values vulnerability in Riot-Os Riot 2021.01 In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component allows attackers to break encryption by triggering reboots. | 5.5 |
2021-09-14 | CVE-2021-37186 | Use of Insufficiently Random Values vulnerability in Siemens products A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versions < V4.0.9), SIMATIC RTU3030C (All versions < V4.0.9), SIMATIC RTU3031C (All versions < V4.0.9), SIMATIC RTU3041C (All versions < V4.0.9). | 5.4 |
2021-08-30 | CVE-2021-34646 | Use of Insufficiently Random Values vulnerability in Booster for Woocommerce Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. | 9.8 |
2021-08-19 | CVE-2020-35685 | Use of Insufficiently Random Values vulnerability in multiple products An issue was discovered in HCC Nichestack 3.0. | 9.1 |