Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-04 | CVE-2023-26855 | Use of Insufficiently Random Values vulnerability in Churchcrm 4.5.3 The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers to use precomputed hash tables or dictionary attacks to crack the hashed passwords. | 7.5 |
| 2023-03-31 | CVE-2023-0343 | Use of Insufficiently Random Values vulnerability in Akuvox E11 Firmware Akuvox E11 contains a function that encrypts messages which are then forwarded. | 7.5 |
| 2023-03-16 | CVE-2022-26080 | Use of Insufficiently Random Values vulnerability in ABB products Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415. | 4.3 |
| 2023-02-23 | CVE-2023-20016 | Use of Insufficiently Random Values vulnerability in Cisco products A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. | 6.5 |
| 2023-02-10 | CVE-2022-43501 | Use of Insufficiently Random Values vulnerability in Elwsc products KASAGO TCP/IP stack provided by Zuken Elmic generates ISNs(Initial Sequence Number) for TCP connections from an insufficiently random source. | 9.1 |
| 2023-01-20 | CVE-2023-22912 | Use of Insufficiently Random Values vulnerability in Mediawiki An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. | 5.3 |
| 2023-01-12 | CVE-2017-5242 | Use of Insufficiently Random Values vulnerability in Rapid7 Insightvm Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys. | 7.7 |
| 2023-01-11 | CVE-2021-26407 | Use of Insufficiently Random Values vulnerability in AMD Romepi Firmware A randomly generated Initialization Vector (IV) may lead to a collision of IVs with the same key potentially resulting in information disclosure. | 5.5 |
| 2022-12-25 | CVE-2021-4277 | Use of Insufficiently Random Values vulnerability in Utils Project Utils A vulnerability, which was classified as problematic, has been found in fredsmith utils. | 5.3 |
| 2022-12-13 | CVE-2022-46353 | Use of Insufficiently Random Values vulnerability in Siemens products A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). | 9.8 |