Vulnerabilities > Use of Insufficiently Random Values
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-01 | CVE-2021-27884 | Use of Insufficiently Random Values vulnerability in Ymfe Yapi 1.3.22 Weak JSON Web Token (JWT) signing secret generation in YMFE YApi through 1.9.2 allows recreation of other users' JWT tokens. | 3.6 |
2021-02-01 | CVE-2020-13860 | Use of Insufficiently Random Values vulnerability in Mofinetwork Mofi4500-4Gxelte Firmware 4.0.8Std An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. | 5.0 |
2021-01-19 | CVE-2020-27264 | Use of Insufficiently Random Values vulnerability in Sooil products In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proximate attackers to brute-force the keys via Bluetooth Low Energy. | 3.3 |
2020-12-11 | CVE-2020-17470 | Use of Insufficiently Random Values vulnerability in Butok Fnet An issue was discovered in FNET through 4.6.4. | 5.3 |
2020-12-11 | CVE-2020-15023 | Use of Insufficiently Random Values vulnerability in Askey Ap5100W Firmware 1.01.097 Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute-force cracking. | 4.3 |
2020-12-01 | CVE-2020-7548 | Use of Insufficiently Random Values vulnerability in Schneider-Electric products A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorized users to login. | 7.5 |
2020-11-17 | CVE-2020-25705 | Use of Insufficiently Random Values vulnerability in multiple products A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. | 5.8 |
2020-10-26 | CVE-2020-27743 | Use of Insufficiently Random Values vulnerability in PAM Tacplus Project PAM Tacplus libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). | 7.5 |
2020-10-06 | CVE-2020-1905 | Use of Insufficiently Random Values vulnerability in Whatsapp Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third party app chosen to open the file to guess the URIs for previously opened attachments until the opener app is terminated. | 4.3 |
2020-08-17 | CVE-2020-1472 | Use of Insufficiently Random Values vulnerability in multiple products An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). | 5.5 |