Vulnerabilities > Use of Insufficiently Random Values
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-30 | CVE-2019-2294 | Use of Insufficiently Random Values vulnerability in Qualcomm products Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | 9.8 |
2019-09-10 | CVE-2019-1549 | Use of Insufficiently Random Values vulnerability in Openssl OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). | 5.3 |
2019-09-05 | CVE-2019-15955 | Use of Insufficiently Random Values vulnerability in Totaljs Total.Js CMS 12.0.0 An issue was discovered in Total.js CMS 12.0.0. | 6.5 |
2019-08-18 | CVE-2019-15130 | Use of Insufficiently Random Values vulnerability in Humanica Humatrix 7 1.0.0.203/1.0.0.681 The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to upload any file type to a candidate's profile picture folder via a crafted recruitment_online/personalData/act_personaltab.cfm multiple-part POST request with a predictable WRC01_USERID parameter. | 9.8 |
2019-08-02 | CVE-2019-7886 | Use of Insufficiently Random Values vulnerability in Magento A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 7.5 |
2019-07-19 | CVE-2019-12821 | Use of Insufficiently Random Values vulnerability in Jisiwei I3 Firmware 2.0 A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. | 4.8 |
2019-07-16 | CVE-2019-13603 | Use of Insufficiently Random Values vulnerability in Hidglobal Digital Persona U.Are.U 4500 Driver Firmware 5.0.0.5 An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. | 5.9 |
2019-07-15 | CVE-2019-1010025 | Use of Insufficiently Random Values vulnerability in GNU Glibc GNU Libc current is affected by: Mitigation bypass. | 5.3 |
2019-07-03 | CVE-2019-6632 | Use of Insufficiently Random Values vulnerability in F5 products On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. | 5.5 |
2019-07-01 | CVE-2019-7667 | Use of Insufficiently Random Values vulnerability in Primasystems Flexair 2.3.38 Prima Systems FlexAir, Versions 2.3.38 and prior. | 9.8 |