Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-02 | CVE-2024-36389 | Use of Insufficiently Random Values vulnerability in Milesight Devicehub 3.0.1R1 MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass | 9.8 |
| 2024-02-05 | CVE-2024-0761 | Use of Insufficiently Random Values vulnerability in Filemanagerpro File Manager The File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.1 due to insufficient randomness in the backup filenames, which use a timestamp plus 4 random digits. | 7.5 |
| 2024-01-19 | CVE-2024-23688 | Use of Insufficiently Random Values vulnerability in Consensys Discovery Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. | 5.3 |
| 2024-01-02 | CVE-2023-32831 | Use of Insufficiently Random Values vulnerability in Mediatek Software Development KIT In wlan driver, there is a possible PIN crack due to use of insufficiently random values. | 5.5 |
| 2023-11-30 | CVE-2023-6376 | Use of Insufficiently Random Values vulnerability in Henschen Court Document Management Henschen & Associates court document management software does not sufficiently randomize file names of cached documents, allowing a remote, unauthenticated attacker to access restricted documents. | 7.5 |
| 2023-11-16 | CVE-2023-48056 | Use of Insufficiently Random Values vulnerability in Bandoche Pypinksign 0.5.1 PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. | 7.5 |
| 2023-10-10 | CVE-2020-27213 | Use of Insufficiently Random Values vulnerability in Ethernut Nut/Os 5.1 An issue was discovered in Ethernut Nut/OS 5.1. | 7.5 |
| 2023-10-10 | CVE-2020-27630 | Use of Insufficiently Random Values vulnerability in Silabs Uc/Tcp-Ip 3.6.0 In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random. | 9.8 |
| 2023-10-10 | CVE-2020-27631 | Use of Insufficiently Random Values vulnerability in Oryx-Embedded Cyclonetcp 1.9.6 In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random. | 9.8 |
| 2023-10-10 | CVE-2020-27633 | Use of Insufficiently Random Values vulnerability in Butok Fnet 4.6.3 In FNET 4.6.3, TCP ISNs are improperly random. | 9.1 |