Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-10 | CVE-2021-3692 | Use of Insufficiently Random Values vulnerability in Yiiframework YII yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | 5.0 |
| 2021-08-10 | CVE-2021-3689 | Use of Insufficiently Random Values vulnerability in Yiiframework YII yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator | 5.0 |
| 2021-08-05 | CVE-2021-25444 | Use of Insufficiently Random Values vulnerability in Google Android 10.0/8.1/9.0 An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process. | 2.1 |
| 2021-08-04 | CVE-2021-26098 | Use of Insufficiently Random Values vulnerability in Fortinet Fortisandbox An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs. | 5.0 |
| 2021-08-02 | CVE-2021-27499 | Use of Insufficiently Random Values vulnerability in Ypsomed Mylife and Mylife Cloud Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application layer encryption of the communication protocol between the Ypsomed mylife App and mylife Cloud uses non-random IVs, which allows man-in-the-middle attackers to tamper with messages. | 5.9 |
| 2021-06-29 | CVE-2021-29480 | Use of Insufficiently Random Values vulnerability in Ratpack Project Ratpack Ratpack is a toolkit for creating web applications. | 3.5 |
| 2021-06-11 | CVE-2021-27200 | Use of Insufficiently Random Values vulnerability in Wowonder 3.0.4 In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. | 7.5 |
| 2021-06-11 | CVE-2021-0466 | Use of Insufficiently Random Values vulnerability in Google Android 10.0 In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to track a device. | 5.0 |
| 2021-06-01 | CVE-2021-23020 | Use of Insufficiently Random Values vulnerability in F5 Nginx Controller The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys. | 2.1 |
| 2021-05-27 | CVE-2020-10729 | Use of Insufficiently Random Values vulnerability in multiple products A flaw was found in the use of insufficiently random values in Ansible. | 2.1 |