Vulnerabilities > Use of Insufficiently Random Values

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2020-35163 Use of Insufficiently Random Values vulnerability in multiple products
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability.
network
low complexity
dell oracle CWE-330
critical
9.8
2022-07-07 CVE-2022-25047 Use of Insufficiently Random Values vulnerability in Control-Webpanel Webpanel 0.9.8.1126
The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.
network
high complexity
control-webpanel CWE-330
5.9
2022-07-04 CVE-2022-32284 Use of Insufficiently Random Values vulnerability in Yokogawa Aw810D Firmware R12
Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of YOKOGAWA Wide Area Communication Router (WAC Router) AW810D, which may allow a remote attacker to cause denial-of-service (DoS) condition by sending a specially crafted packet.
network
low complexity
yokogawa CWE-330
7.5
2022-06-24 CVE-2022-29330 Use of Insufficiently Random Values vulnerability in Vitalpbx
Missing access control in the backup system of Telesoft VitalPBX before 3.2.1 allows attackers to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors.
network
low complexity
vitalpbx CWE-330
4.9
2022-06-23 CVE-2022-34295 Use of Insufficiently Random Values vulnerability in Totd Project Totd 1.5.2
totd before 1.5.3 does not properly randomize mesg IDs.
network
low complexity
totd-project CWE-330
6.5
2022-06-09 CVE-2022-23138 Use of Insufficiently Random Values vulnerability in ZTE Mf297D Firmware Mf297Dnordic1B05
ZTE's MF297D product has cryptographic issues vulnerability.
network
low complexity
zte CWE-330
7.5
2022-06-05 CVE-2022-32296 Use of Insufficiently Random Values vulnerability in Linux Kernel
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used.
local
low complexity
linux CWE-330
3.3
2022-05-16 CVE-2022-30782 Use of Insufficiently Random Values vulnerability in Openmoney API Project Openmoney API
Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide cryptographically secure random numbers.
network
low complexity
openmoney-api-project CWE-330
7.5
2022-05-12 CVE-2022-29930 Use of Insufficiently Random Values vulnerability in Jetbrains Ktor 2.0.0
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value.
network
low complexity
jetbrains CWE-330
4.9
2022-05-06 CVE-2022-30295 Use of Insufficiently Random Values vulnerability in multiple products
uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning.
network
high complexity
uclibc uclibc-ng-project CWE-330
6.5