Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-330

CWE-330

High likelihood

Use of Insufficiently Random Values

Parent: CWE-693 - Protection Mechanism Failure

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

375 vulnerabilities with CWE-330

CVE-2023-2418 LOW

Konga 2.8.3 - Insufficiently Random Values

CVE-2023-30797 HIGH

Netflix Lemur <1.3.2 - Info Disclosure

CVE-2023-26855 HIGH

ChurchCRM v4.5.3 - Use of Insufficiently Random Values in Password Hashing

CVE-2023-0343 MEDIUM

Akuvox E11 - Use of Insufficiently Random Values in Message Encryption

CVE-2023-20016 MEDIUM

Cisco UCS Central <4.2(3c) & FXOS <2.6.1 - Unauthenticated Sensitive Info Disclosure via Hard-coded Key

CVE-2023-22746 HIGH

CKAN < 2.8.12 - Use of Insufficiently Random Values in Default Secret Key

CVE-2023-22912 MEDIUM

MediaWiki <1.35.9, <1.38.5, <1.39.1 - Info Disclosure

CVE-2023-22601 CRITICAL

InHand Networks IR302 <V3.5.56 & InRouter6XX-S <V2.3.0.r5542 - Info...

CVE-2022-43485 MEDIUM

Honeywell OneWireless <322.1 - JWT Token Manipulation

CVE-2022-43636 HIGH

TP-Link TL-WR940N <6_211111 3.20.1(US) - Auth Bypass

CVE-2022-26080 MEDIUM

ABB Pulsar Plus System Controller NE843_S - Insufficiently Random V...

CVE-2022-39216 HIGH

Combodo iTop <2.7.8 & <3.0.2-1 - Info Disclosure

CVE-2022-43501 CRITICAL

Zuken Elmic KASAGO - Info Disclosure

CVE-2022-46353 CRITICAL

SCALANCE X204RNA - Info Disclosure

CVE-2022-44938 CRITICAL

SeedDMS 6.0.20 and 5.1.7 - Account Takeover via Weak Password Reset Token

CVE-2022-3959 LOW

drogon < 1.8.2 - Insufficiently Random Session Hash Values

CVE-2022-36022 MEDIUM

Deeplearning4J <1.0.0-M2.1 - Info Disclosure

CVE-2022-42787 HIGH

W&T Comserver Series - Info Disclosure

CVE-2022-44795 MEDIUM

Object First Ootbi < 1.0.13.1611 - Authenticated Information Disclosure via Predictable Support Bundle URL

CVE-2022-31008 MEDIUM

RabbitMQ 3.9.0-3.9.17 & VMware RabbitMQ <3.8.32 - Weak URI Obfuscation in Shovel/Federation

CVE-2022-30935 CRITICAL

b2evolution < 7.2.5 - Unauthenticated Authorization Bypass via Predictable Password Reset Tokens

CVE-2022-38970 MEDIUM

ieGeek IG20 hipcam RealServer V1.0 - Incorrect Access Control

CVE-2022-36536 CRITICAL

Syncovery <9.47x - Privilege Escalation

CVE-2022-40299 HIGH

Singular <4.3.1 - Privilege Escalation

CVE-2022-1615 MEDIUM

Samba 4.1.0-4.16.9 - Use of Insufficiently Random Values via GnuTLS gnutls_rnd()

Previous Page 5 of 15 Next

Details

Vulnerabilities 375

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy