Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-330

CWE-330

High likelihood

Use of Insufficiently Random Values

Parent: CWE-693 - Protection Mechanism Failure

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

375 vulnerabilities with CWE-330

CVE-2021-41694 CRITICAL

Premiumdatingscript 4.2.7.7 - Info Disclosure

CVE-2021-38377 MEDIUM

OX App Suite <= 7.10.5 - Cross-Site Scripting via Predictable UUID in Truncated Email

CVE-2021-22968 HIGH

Concrete CMS < 8.5.7 - Authenticated Remote Code Execution via File Upload Bypass

CVE-2021-26322 HIGH

AMD EPYC Firmware - Information Disclosure via Weak IV

CVE-2021-28024 CRITICAL

ServiceTonic Helpdesk <9.0.35937 - Privilege Escalation

CVE-2021-22038 HIGH

Windows Uninstaller - Privilege Escalation

CVE-2021-41829 HIGH

Zoho ManageEngine Remote Access Plus <10.1.2121.1 - RCE

CVE-2021-41061 MEDIUM

RIOT-OS 2021.01 - Nonce Reuse in 802.15.4 Encryption

CVE-2021-37186 MEDIUM

Siemens LOGO! CMR2020/CMR2040 < 2.2 & SIMATIC RTU3010C/RTU3030C/RTU3031C/RTU3041C < 4.0.9 - Predictable TCP ISN

CVE-2021-34646 CRITICAL

Booster for WooCommerce <= 5.4.3 - Authentication Bypass via Email Verification Token Weakness

CVE-2021-31228 HIGH

HCC embedded InterNiche 4.0.1 - SSRF

CVE-2021-0417 MEDIUM

Android - Denial of Service in Memory Management Driver

CVE-2021-39249 MEDIUM

Invision Power Board < 4.6.5.1 - Reflected Cross-Site Scripting via Predictable Uploaded Filename

CVE-2021-38606 CRITICAL

reNgine < 0.5 - Predictable Directory Name

CVE-2021-3692 MEDIUM

Yii 2.0.0-2.0.42 - Use of Predictable Algorithm in Random Number Generator

CVE-2021-3689 HIGH

Yii 2.0.0-2.0.42 - Use of Predictable Algorithm in Random Number Generator

CVE-2021-25444 MEDIUM

keymaster <SMR AUG-2021 Release 1 - Info Disclosure

CVE-2021-26098 MEDIUM

FortiSandbox <4.0.0 - Info Disclosure

CVE-2021-27499 MEDIUM

Ypsomed mylife <1.7.2-1.7.5 - Info Disclosure

CVE-2021-28674 MEDIUM

SolarWinds Orion Platform < 2020.2.5 - Authenticated Node Creation and Deletion via Predictable Node IDs

CVE-2021-32791 MEDIUM

Apache mod_auth_openidc <2.4.9 - Cryptographic Issue

CVE-2021-29480 MEDIUM

Ratpack < 1.9.0 - Predictable Session Signing Key

CVE-2021-27200 CRITICAL

WoWonder 3.0.4 - Account Takeover via Weak Cryptographic Algorithm in recover.php

CVE-2021-0466 HIGH

Android 10 - Remote Information Disclosure via ClientModeImpl Identifier Tracking

CVE-2021-23020 MEDIUM

F5 NGINX Controller 3.0.0-3.9.9 - Use of Insufficiently Random Values in API Key Generation

Previous Page 8 of 15 Next

Details

Vulnerabilities 375

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy