Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-331

CWE-331

Insufficient Entropy

Parent: CWE-330 - Use of Insufficiently Random Values

The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

131 vulnerabilities with CWE-331

CVE-2025-50122 HIGH

EcoStruxure IT Data Center Expert >=8.3 - Insufficient Entropy in Password Generation

CVE-2025-6931 LOW

D-Link DCS-6517/7517 <2.02.0 - Insufficient Entropy

CVE-2025-52464 HIGH

Meshtastic <2.6.11 - Info Disclosure

CVE-2025-47781 CRITICAL

rallly <= 3.22.1 - Unauthenticated Account Takeover via Weak Email Token Brute Force

CVE-2025-2814 MEDIUM

Crypt::CBC 1.21-3.05 - Weak Cryptographic IV Generation via rand() Fallback

CVE-2025-1860 HIGH

Data::Entropy <0.008 - Info Disclosure

CVE-2025-27552 MEDIUM

DBIx::Class::EncodedColumn <0.00032 - Info Disclosure

CVE-2025-27551 MEDIUM

DBIx::Class::EncodedColumn <0.00032 - Info Disclosure

CVE-2025-29311 HIGH

ONOS 2.7.0 - Insufficient Entropy in LLDP Packet Private Key

CVE-2025-1828 HIGH

Crypt::Random Perl <1.56 - Info Disclosure

CVE-2024-58040 CRITICAL

Crypt::RandomEncryption 0.01 - Insecure RNG

CVE-2024-58134 HIGH

Mojolicious <0.999922 - Info Disclosure

CVE-2024-56370 MEDIUM

Net::Xero <= 0.44 - Insufficient Entropy via rand() Function

CVE-2024-52322 MEDIUM

WebService::Xero <0.11 - Info Disclosure

CVE-2024-58036 MEDIUM

Net::Dropbox::API <1.9 - Info Disclosure

CVE-2024-57868 MEDIUM

Web::API < 2.8 - Insufficient Entropy via rand() Function

CVE-2024-9055 MEDIUM

Silicon Labs Series 2 - Info Disclosure

CVE-2024-53522 HIGH

Bangkok Medical Software HOSxP XE <4.64.11.3 - Info Disclosure

CVE-2024-20331 MEDIUM

Cisco Adaptive Security Appliance Software - Unauthenticated Denial of Service via Session Authentication Handle

CVE-2024-47945 CRITICAL

Session Hijacking - Info Disclosure

CVE-2024-8796 MEDIUM

Devise-Two-Factor >=2.2.0 <6.0.0 - Info Disclosure

CVE-2024-38270 MEDIUM

Zyxel GS1900-10HP <V2.80(AAZI.0)C0 - Info Disclosure

CVE-2024-6508 HIGH

OpenShift Console - Insufficient Entropy in OAuth2 State Parameter

CVE-2024-36400 CRITICAL

nano-id < 0.4.0 - Insufficient Entropy in base62 and base58 Functions

CVE-2024-3411 CRITICAL

Dell iDRAC8 - Insufficient Entropy in IPMI Session Authentication

Previous Page 2 of 6 Next

Details

Vulnerabilities 131

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy