Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-13 | CVE-2021-21729 | Use of Insufficiently Random Values vulnerability in ZTE Zxhn H108N Firmware and Zxhn H168N Firmware Some ZTE products have CSRF vulnerability. | 6.5 |
| 2021-04-09 | CVE-2021-25375 | Use of Insufficiently Random Values vulnerability in Samsung Email Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment. | 6.5 |
| 2021-03-25 | CVE-2021-3446 | Use of Insufficiently Random Values vulnerability in multiple products A flaw was found in libtpms in versions before 0.8.2. | 5.5 |
| 2021-03-23 | CVE-2021-28099 | Use of Insufficiently Random Values vulnerability in Netflix Hollow In Netflix OSS Hollow, since the Files.exists(parent) is run before creating the directories, an attacker can pre-create these directories with wide permissions. | 4.4 |
| 2021-03-22 | CVE-2021-22309 | Use of Insufficiently Random Values vulnerability in Huawei products There is insecure algorithm vulnerability in Huawei products. | 7.5 |
| 2021-03-10 | CVE-2021-0375 | Use of Insufficiently Random Values vulnerability in Google Android 11.0 In onPackageModified of VoiceInteractionManagerService.java, there is a possible change of default applications due to an insecure default value. | 5.5 |
| 2021-03-01 | CVE-2021-27884 | Use of Insufficiently Random Values vulnerability in Ymfe Yapi Weak JSON Web Token (JWT) signing secret generation in YMFE YApi through 1.9.2 allows recreation of other users' JWT tokens. | 5.1 |
| 2021-02-19 | CVE-2020-36252 | Use of Insufficiently Random Values vulnerability in Owncloud Server ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim, to access any version of any file by sending a request for a predictable ID number. | 5.7 |
| 2021-02-01 | CVE-2020-13860 | Use of Insufficiently Random Values vulnerability in Mofinetwork Mofi4500-4Gxelte Firmware 4.0.8Std An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. | 7.5 |
| 2021-01-19 | CVE-2020-27264 | Use of Insufficiently Random Values vulnerability in Sooil products In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proximate attackers to brute-force the keys via Bluetooth Low Energy. | 8.8 |