Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-02 | CVE-2023-26451 | Use of Insufficiently Random Values vulnerability in Open-Xchange Appsuite Backend Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. | 7.5 |
| 2023-07-22 | CVE-2023-3247 | Use of Insufficiently Random Values vulnerability in PHP In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. | 4.3 |
| 2023-06-12 | CVE-2023-1898 | Use of Insufficiently Random Values vulnerability in Atlascopco Power Focus 6000 Firmware Atlas Copco Power Focus 6000 web server uses a small amount of session ID numbers. | 7.5 |
| 2023-06-12 | CVE-2020-36732 | Use of Insufficiently Random Values vulnerability in Crypto-Js Project Crypto-Js The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more predictable than necessary. | 5.3 |
| 2023-05-30 | CVE-2022-43485 | Use of Insufficiently Random Values vulnerability in Honeywell Onewireless Network Wireless Device Manager Firmware Use of Insufficiently Random Values in Honeywell OneWireless. | 6.5 |
| 2023-05-25 | CVE-2023-31124 | Use of Insufficiently Random Values vulnerability in multiple products c-ares is an asynchronous resolver library. | 3.7 |
| 2023-05-25 | CVE-2023-31147 | Use of Insufficiently Random Values vulnerability in multiple products c-ares is an asynchronous resolver library. | 6.5 |
| 2023-05-03 | CVE-2023-1385 | Use of Insufficiently Random Values vulnerability in Amazon Fire OS Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS 7.6.3.3. | 8.8 |
| 2023-04-29 | CVE-2023-2418 | Use of Insufficiently Random Values vulnerability in Konghq Kong 2.8.3 A vulnerability was found in Konga 2.8.3 on Kong. | 5.9 |
| 2023-04-19 | CVE-2023-30797 | Use of Insufficiently Random Values vulnerability in Netflix Lemur Netflix Lemur before version 1.3.2 used insufficiently random values when generating default credentials. | 7.5 |