Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-30 | CVE-2021-41829 | Use of Insufficiently Random Values vulnerability in Zohocorp Manageengine Remote Access Plus Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number to calculate a certain encryption key. | 7.5 |
| 2021-09-15 | CVE-2021-41061 | Use of Insufficiently Random Values vulnerability in Riot-Os Riot 2021.01 In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component allows attackers to break encryption by triggering reboots. | 5.5 |
| 2021-09-14 | CVE-2021-37186 | Use of Insufficiently Random Values vulnerability in Siemens products A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versions < V4.0.9), SIMATIC RTU3030C (All versions < V4.0.9), SIMATIC RTU3031C (All versions < V4.0.9), SIMATIC RTU3041C (All versions < V4.0.9). | 5.4 |
| 2021-08-30 | CVE-2021-34646 | Use of Insufficiently Random Values vulnerability in Booster for Woocommerce Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. | 9.8 |
| 2021-08-19 | CVE-2020-35685 | Use of Insufficiently Random Values vulnerability in multiple products An issue was discovered in HCC Nichestack 3.0. | 9.1 |
| 2021-08-19 | CVE-2021-31228 | Use of Insufficiently Random Values vulnerability in Hcc-Embedded Nichestack 3.0 An issue was discovered in HCC embedded InterNiche 4.0.1. | 7.5 |
| 2021-08-18 | CVE-2021-0417 | Use of Insufficiently Random Values vulnerability in Google Android 10.0/11.0 In memory management driver, there is a possible system crash due to improper input validation. | 5.5 |
| 2021-08-17 | CVE-2021-39249 | Use of Insufficiently Random Values vulnerability in Invisioncommunity Invision Power Board Invision Community (aka IPS Community Suite or IP-Board) before 4.6.5.1 allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mt_rand function. | 6.1 |
| 2021-08-12 | CVE-2021-38606 | Use of Insufficiently Random Values vulnerability in Yogeshojha Rengine reNgine through 0.5 relies on a predictable directory name. | 9.8 |
| 2021-08-10 | CVE-2021-3692 | Use of Insufficiently Random Values vulnerability in Yiiframework YII yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | 5.3 |