Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-331

CWE-331

Insufficient Entropy

Parent: CWE-330 - Use of Insufficiently Random Values

The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

131 vulnerabilities with CWE-331

CVE-2024-26329 MEDIUM

Chilkat <9.5.0.98 - Info Disclosure

CVE-2024-25730 CRITICAL

Hitron CODA-4582/4589 - Info Disclosure

CVE-2024-22473 MEDIUM

Gecko SDK < 4.4.0 - Signature Spoofing via Insufficient TRNG Entropy

CVE-2024-25407 HIGH

SteVe 3.6.0 - Denial of Service via Predictable Transaction ID

CVE-2023-37822 HIGH

Eufy Homebase 2 <3.3.4.1h - Info Disclosure

CVE-2023-49927 MEDIUM

Samsung Mobile Processor - Info Disclosure

CVE-2023-49599 CRITICAL

WWBN AVideo - Insufficient Entropy in Salt Generation

CVE-2023-46648 HIGH

GitHub Enterprise Server <3.8.12-3.11.1 - Info Disclosure

CVE-2023-26154 MEDIUM

PubNub <7.4.0, <6.19.0, <7.3.0, <6.1.0, <5.3.0, <0.4.0 - Path Trave...

CVE-2023-31176 HIGH

SEL-451 Firmware r315-v0 to r315-v4 - Unauthenticated Authentication Bypass via Session Token Brute-Force

CVE-2023-31582 HIGH

jose4j < 0.9.3 - Insufficient Entropy via Low Iteration Count

CVE-2023-34973 LOW

QNAP QTS 5.0.1-5.0.1.2424 and QTS 5.1.0-5.1.0.2443 - Insufficient Entropy

CVE-2023-4344 CRITICAL

Broadcom RAID Controller - Info Disclosure

CVE-2023-38357 MEDIUM

RWS WorldServer <11.7.3 - Info Disclosure

CVE-2023-36610 MEDIUM

Ovarro TBox Firmware < 1.50.598 - Insufficient Entropy in Security Token Generation

CVE-2023-3325 HIGH

CMS Commander < 2.287 - Unauthenticated Authorization Bypass via Insufficient Cryptographic Signature

CVE-2023-20107 HIGH

Cisco ASA/FTD - Cryptographic Collision

CVE-2022-43755 HIGH

SUSE Rancher <2.6.10-2.7.1 - Info Disclosure

CVE-2022-20941 MEDIUM

Cisco Firepower Management Center - Unauthenticated Sensitive Information Disclosure via Resource Enumeration

CVE-2022-34746 MEDIUM

Zyxel GS1900 <V2.70 - Info Disclosure

CVE-2022-33989 MEDIUM

dproxy-nexgen - Insufficient Entropy in UDP Source Port Selection

CVE-2022-34294 CRITICAL

totd 1.5.3 - Insufficient Entropy in DNS Query Source Port

CVE-2022-37401 HIGH

Apache OpenOffice <4.1.13 - Info Disclosure

CVE-2022-33738 HIGH

OpenVPN Access Server <2.11 - Info Disclosure

CVE-2022-31034 HIGH

Argo CD 0.11.0-2.1.16 - Insufficient Entropy in OAuth2/OIDC Login Flow Parameters

Previous Page 3 of 6 Next

Details

Vulnerabilities 131

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy