Vulnerabilities > Use of Insufficiently Random Values

DATE CVE VULNERABILITY TITLE RISK
2023-12-29 CVE-2023-4462 Use of Insufficiently Random Values vulnerability in Poly products
A vulnerability classified as problematic has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250, VVX 300, VVX 301, VVX 310, VVX 311, VVX 350, VVX 400, VVX 401, VVX 410, VVX 411, VVX 450, VVX 500, VVX 501, VVX 600 and VVX 601.
network
high complexity
poly CWE-330
5.9
5.9
2023-11-30 CVE-2023-6376 Use of Insufficiently Random Values vulnerability in Henschen Court Document Management
Henschen & Associates court document management software does not sufficiently randomize file names of cached documents, allowing a remote, unauthenticated attacker to access restricted documents.
network
low complexity
henschen CWE-330
7.5
7.5
2023-11-16 CVE-2023-48056 Use of Insufficiently Random Values vulnerability in Bandoche Pypinksign 0.5.1
PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption.
network
low complexity
bandoche CWE-330
7.5
7.5
2023-10-10 CVE-2020-27213 Use of Insufficiently Random Values vulnerability in Ethernut Nut/Os 5.1
An issue was discovered in Ethernut Nut/OS 5.1.
network
low complexity
ethernut CWE-330
7.5
7.5
2023-10-10 CVE-2020-27630 Use of Insufficiently Random Values vulnerability in Silabs Uc/Tcp-Ip 3.6.0
In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.
network
low complexity
silabs CWE-330
critical
 9.8
9.8
2023-10-10 CVE-2020-27631 Use of Insufficiently Random Values vulnerability in Oryx-Embedded Cyclonetcp 1.9.6
In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random.
network
low complexity
oryx-embedded CWE-330
critical
 9.8
9.8
2023-10-10 CVE-2020-27633 Use of Insufficiently Random Values vulnerability in Butok Fnet 4.6.3
In FNET 4.6.3, TCP ISNs are improperly random.
network
low complexity
butok CWE-330
critical
 9.1
9.1
2023-10-10 CVE-2020-27634 Use of Insufficiently Random Values vulnerability in Contiki-Ng 4.5
In Contiki 4.5, TCP ISNs are improperly random.
network
low complexity
contiki-ng CWE-330
critical
 9.1
9.1
2023-10-10 CVE-2020-27635 Use of Insufficiently Random Values vulnerability in Capgemini Picotcp 1.7.0
In PicoTCP 1.7.0, TCP ISNs are improperly random.
network
low complexity
capgemini CWE-330
critical
 9.1
9.1
2023-10-10 CVE-2020-27636 Use of Insufficiently Random Values vulnerability in Microchip Mplab Network Creator 3.6.1
In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random.
network
low complexity
microchip CWE-330
critical
 9.1
9.1