Vulnerabilities > Use of Insufficiently Random Values
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-14 | CVE-2022-26320 | Use of Insufficiently Random Values vulnerability in multiple products The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method. | 9.1 |
| 2022-03-08 | CVE-2022-26317 | Use of Insufficiently Random Values vulnerability in Mendix A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.29). | 6.5 |
| 2022-03-03 | CVE-2022-22700 | Use of Insufficiently Random Values vulnerability in Cyberark Identity CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource, exposes the response header 'X-CFY-TX-TM'. | 5.3 |
| 2022-03-01 | CVE-2021-36166 | Use of Insufficiently Random Values vulnerability in Fortinet Fortimail An improper authentication vulnerability in FortiMail before 7.0.1 may allow a remote attacker to efficiently guess one administrative account's authentication token by means of the observation of certain system's properties. | 9.8 |
| 2022-02-18 | CVE-2021-20322 | Use of Insufficiently Random Values vulnerability in multiple products A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. | 7.4 |
| 2022-02-18 | CVE-2022-22922 | Use of Insufficiently Random Values vulnerability in Tp-Link Tl-Wa850Re Firmware TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges. | 9.8 |
| 2022-02-16 | CVE-2021-26726 | Use of Insufficiently Random Values vulnerability in Valmet DNA 2012/2021 A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021. | 8.8 |
| 2022-01-25 | CVE-2021-36294 | Use of Insufficiently Random Values vulnerability in Dell EMC Unity Operating Environment Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. | 9.8 |
| 2022-01-18 | CVE-2022-23408 | Use of Insufficiently Random Values vulnerability in Wolfssl 5.0.0/5.1.0 wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. | 9.1 |
| 2022-01-06 | CVE-2021-45458 | Use of Insufficiently Random Values vulnerability in Apache Kylin Apache Kylin provides encryption classes PasswordPlaceholderConfigurer to help users encrypt their passwords. | 7.5 |