Vulnerabilities > Use of Insufficiently Random Values

DATE CVE VULNERABILITY TITLE RISK
2021-08-19 CVE-2021-31228 Use of Insufficiently Random Values vulnerability in Hcc-Embedded Nichestack 3.0
An issue was discovered in HCC embedded InterNiche 4.0.1.
network
low complexity
hcc-embedded CWE-330
7.5
2021-08-18 CVE-2021-0417 Use of Insufficiently Random Values vulnerability in Google Android 10.0/11.0
In memory management driver, there is a possible system crash due to improper input validation.
local
low complexity
google CWE-330
5.5
2021-08-17 CVE-2021-39249 Use of Insufficiently Random Values vulnerability in Invisioncommunity Invision Power Board
Invision Community (aka IPS Community Suite or IP-Board) before 4.6.5.1 allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mt_rand function.
network
low complexity
invisioncommunity CWE-330
6.1
2021-08-12 CVE-2021-38606 Use of Insufficiently Random Values vulnerability in Yogeshojha Rengine
reNgine through 0.5 relies on a predictable directory name.
network
low complexity
yogeshojha CWE-330
critical
9.8
2021-08-10 CVE-2021-3692 Use of Insufficiently Random Values vulnerability in Yiiframework YII
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator
network
low complexity
yiiframework CWE-330
5.3
2021-08-10 CVE-2021-3689 Use of Insufficiently Random Values vulnerability in Yiiframework YII
yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator
network
low complexity
yiiframework CWE-330
7.5
2021-08-05 CVE-2021-25444 Use of Insufficiently Random Values vulnerability in Google Android 10.0/8.1/9.0
An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process.
local
low complexity
google CWE-330
5.5
2021-08-04 CVE-2021-26098 Use of Insufficiently Random Values vulnerability in Fortinet Fortisandbox
An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs.
network
low complexity
fortinet CWE-330
7.5
2021-08-02 CVE-2021-27499 Use of Insufficiently Random Values vulnerability in Ypsomed Mylife and Mylife Cloud
Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application layer encryption of the communication protocol between the Ypsomed mylife App and mylife Cloud uses non-random IVs, which allows man-in-the-middle attackers to tamper with messages.
network
high complexity
ypsomed CWE-330
5.9
2021-06-29 CVE-2021-29480 Use of Insufficiently Random Values vulnerability in Ratpack Project Ratpack
Ratpack is a toolkit for creating web applications.
network
high complexity
ratpack-project CWE-330
3.1