Vulnerabilities > Use of Insufficiently Random Values
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-19 | CVE-2021-31228 | Use of Insufficiently Random Values vulnerability in Hcc-Embedded Nichestack 3.0 An issue was discovered in HCC embedded InterNiche 4.0.1. | 7.5 |
2021-08-18 | CVE-2021-0417 | Use of Insufficiently Random Values vulnerability in Google Android 10.0/11.0 In memory management driver, there is a possible system crash due to improper input validation. | 5.5 |
2021-08-17 | CVE-2021-39249 | Use of Insufficiently Random Values vulnerability in Invisioncommunity Invision Power Board Invision Community (aka IPS Community Suite or IP-Board) before 4.6.5.1 allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mt_rand function. | 6.1 |
2021-08-12 | CVE-2021-38606 | Use of Insufficiently Random Values vulnerability in Yogeshojha Rengine reNgine through 0.5 relies on a predictable directory name. | 9.8 |
2021-08-10 | CVE-2021-3692 | Use of Insufficiently Random Values vulnerability in Yiiframework YII yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | 5.3 |
2021-08-10 | CVE-2021-3689 | Use of Insufficiently Random Values vulnerability in Yiiframework YII yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | 7.5 |
2021-08-05 | CVE-2021-25444 | Use of Insufficiently Random Values vulnerability in Google Android 10.0/8.1/9.0 An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process. | 5.5 |
2021-08-04 | CVE-2021-26098 | Use of Insufficiently Random Values vulnerability in Fortinet Fortisandbox An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs. | 7.5 |
2021-08-02 | CVE-2021-27499 | Use of Insufficiently Random Values vulnerability in Ypsomed Mylife and Mylife Cloud Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application layer encryption of the communication protocol between the Ypsomed mylife App and mylife Cloud uses non-random IVs, which allows man-in-the-middle attackers to tamper with messages. | 5.9 |
2021-06-29 | CVE-2021-29480 | Use of Insufficiently Random Values vulnerability in Ratpack Project Ratpack Ratpack is a toolkit for creating web applications. | 3.1 |