Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-10 | CVE-2022-30629 | Use of Insufficiently Random Values vulnerability in Golang GO Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. | 3.1 |
| 2022-08-02 | CVE-2022-29808 | Use of Insufficiently Random Values vulnerability in Quest Kace Systems Management Appliance In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation occurs when appliance linking is enabled. | 7.5 |
| 2022-07-27 | CVE-2022-24406 | Use of Insufficiently Random Values vulnerability in Open-Xchange OX APP Suite 7.10.5/7.10.6 OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls. | 6.5 |
| 2022-07-25 | CVE-2022-26306 | Use of Insufficiently Random Values vulnerability in multiple products LibreOffice supports the storage of passwords for web connections in the user’s configuration database. | 7.5 |
| 2022-07-25 | CVE-2021-23451 | Use of Insufficiently Random Values vulnerability in Otp-Generator Project Otp-Generator The package otp-generator before 3.0.0 are vulnerable to Insecure Randomness due to insecure generation of random one-time passwords, which may allow a brute-force attack. | 9.8 |
| 2022-07-15 | CVE-2022-31157 | Use of Insufficiently Random Values vulnerability in Packback LTI 1.3 Tool Library LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. | 7.5 |
| 2022-07-12 | CVE-2022-33707 | Use of Insufficiently Random Values vulnerability in Samsung Find MY Mobile Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device. | 5.3 |
| 2022-07-11 | CVE-2020-35163 | Use of Insufficiently Random Values vulnerability in multiple products Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability. | 9.8 |
| 2022-07-07 | CVE-2022-25047 | Use of Insufficiently Random Values vulnerability in Control-Webpanel Webpanel 0.9.8.1126 The password reset token in CWP v0.9.8.1126 is generated using known or predictable values. | 5.9 |
| 2022-07-04 | CVE-2022-32284 | Use of Insufficiently Random Values vulnerability in Yokogawa Aw810D Firmware R12 Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of YOKOGAWA Wide Area Communication Router (WAC Router) AW810D, which may allow a remote attacker to cause denial-of-service (DoS) condition by sending a specially crafted packet. | 7.5 |