Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2022-27577 | Use of Insufficiently Random Values vulnerability in Sick Msc800 Firmware 4.0/4.10 The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. | 9.1 |
| 2022-04-11 | CVE-2022-29035 | Use of Insufficiently Random Values vulnerability in Jetbrains Ktor In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations | 2.7 |
| 2022-04-08 | CVE-2022-26851 | Use of Insufficiently Random Values vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. | 9.1 |
| 2022-04-07 | CVE-2022-22517 | Use of Insufficiently Random Values vulnerability in Codesys products An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. | 7.5 |
| 2022-04-02 | CVE-2022-28355 | Use of Insufficiently Random Values vulnerability in Scala-Js Scala.Js randomUUID in Scala.js before 1.10.0 generates predictable values. | 7.5 |
| 2022-03-30 | CVE-2021-46010 | Use of Insufficiently Random Values vulnerability in Totolink A3100R Firmware 5.9C.4577 Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. | 8.8 |
| 2022-03-14 | CVE-2022-26320 | Use of Insufficiently Random Values vulnerability in multiple products The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method. | 9.1 |
| 2022-03-08 | CVE-2022-26317 | Use of Insufficiently Random Values vulnerability in Mendix A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.29). | 6.5 |
| 2022-03-03 | CVE-2022-22700 | Use of Insufficiently Random Values vulnerability in Cyberark Identity CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource, exposes the response header 'X-CFY-TX-TM'. | 5.3 |
| 2022-03-01 | CVE-2021-36166 | Use of Insufficiently Random Values vulnerability in Fortinet Fortimail An improper authentication vulnerability in FortiMail before 7.0.1 may allow a remote attacker to efficiently guess one administrative account's authentication token by means of the observation of certain system's properties. | 9.8 |