Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-13 | CVE-2020-9502 | Use of Insufficiently Random Values vulnerability in Dahuasecurity products Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. | 9.8 |
| 2020-05-04 | CVE-2020-8792 | Use of Insufficiently Random Values vulnerability in Oklok Project Oklok 3.1.1 The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has an information-exposure issue. | 5.3 |
| 2020-04-27 | CVE-2020-12270 | Use of Insufficiently Random Values vulnerability in Bluezone 1.0.0 React Native Bluetooth Scan in Bluezone 1.0.0 uses six-character alphanumeric IDs, which might make it easier for remote attackers to interfere with COVID-19 contact tracing by using many IDs. | 6.5 |
| 2020-04-17 | CVE-2020-11877 | Use of Insufficiently Random Values vulnerability in Zoom Meetings 4.6.11 airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. | 7.5 |
| 2020-04-03 | CVE-2020-11501 | Use of Insufficiently Random Values vulnerability in multiple products GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. | 7.4 |
| 2020-03-23 | CVE-2020-10870 | Use of Insufficiently Random Values vulnerability in Zim-Wiki ZIM Zim through 0.72.1 creates temporary directories with predictable names. | 5.5 |
| 2020-03-17 | CVE-2019-20494 | Use of Insufficiently Random Values vulnerability in Cpanel In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525). | 3.3 |
| 2020-03-16 | CVE-2019-19135 | Use of Insufficiently Random Values vulnerability in Opcfoundation Netstandard.Opc.Ua and Ua-.Netstandard In OPC Foundation OPC UA .NET Standard codebase 1.4.357.28, servers do not create sufficiently random numbers in OPCFoundation.NetStandard.Opc.Ua before 1.4.359.31, which allows man in the middle attackers to reuse encrypted user credentials sent over the network. | 7.4 |
| 2020-03-11 | CVE-2019-9102 | Use of Insufficiently Random Values vulnerability in Moxa products An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. | 8.8 |
| 2020-03-10 | CVE-2019-12434 | Use of Insufficiently Random Values vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 10.6 through 11.11. | 4.3 |