The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
124 vulnerabilities with CWE-331
CVE-2018-18326
HIGH
DNN 9.2-9.2.2 - Info Disclosure
CVSS 7.5
CVE-2018-15812
HIGH
DotNetNuke Cookie Deserialization Remote Code Excecution
CVSS 7.5
CVE-2018-8435
MEDIUM
Windows Hyper-V - Privilege Escalation
CVSS 4.2
CVE-2018-1000620
CRITICAL
Eran Hammer cryptiles <4.1.1 - Insufficient Entropy
CVSS 9.8
CVE-2018-10240
HIGH
SolarWinds Serv-U MFT <15.1.6 HFv1 - Info Disclosure
CVSS 7.3
CVE-2017-18883
CRITICAL
Mattermost Server <4.3.0-4.1.2 - Info Disclosure
CVSS 9.1
CVE-2017-2626
MEDIUM
libICE <1.0.9-8 - Info Disclosure
CVSS 5.2
CVE-2017-2625
MEDIUM
libXdmcp <1.1.2 - Info Disclosure
CVSS 6.5
CVE-2017-13992
HIGH
LOYTEC LVIS-3ME <6.2.0 - RCE
CVSS 8.1
CVE-2017-6030
MEDIUM
Schneider Electric Modicon PLCs - Predictable Value Range
CVSS 6.5
CVE-2017-0897
HIGH
ExpressionEngine <2.11.8, <3.5.5 - RCE
CVSS 7.5
CVE-2016-2564
MEDIUM
Invision Power Services Community Suite <4.1.9 - Info Disclosure
CVSS 5.9
CVE-2016-2858
MEDIUM
Qemu < 2.5.1.1 - Denial of Service
CVSS 6.5
CVE-2015-3006
MEDIUM
Juniper Networks - Info Disclosure
CVSS 6.5
CVE-2015-8851
HIGH
node-uuid <1.4.4 - Info Disclosure
CVSS 7.5
CVE-2015-7764
HIGH
Lemur 0.1.4 - Info Disclosure
CVSS 7.5
CVE-2015-3405
HIGH
ntp <4.2.8p2-RC2, <4.3.12 - Info Disclosure
CVSS 7.5
CVE-2014-8422
HIGH
Unify OpenStage/OpenScape <R3.32.0 - Info Disclosure
CVSS 8.1
CVE-2014-0691
HIGH
Cisco WebEx Meetings Server <1.1 - Auth Bypass
CVSS 7.3
CVE-2013-2260
CRITICAL
Cryptocat <2.0.22 - Info Disclosure
CVSS 9.8
CVE-2012-4687
Post Oak AWAM - Info Disclosure
CVE-2008-1447
MEDIUM
BIND 8-9 <9.5.0-P1 - RCE
CVSS 6.8
CVE-2008-2108
CRITICAL
PHP <4.4.8 & <5.2.5 - Info Disclosure
CVSS 9.8
CVE-2001-0950
HIGH
ValiCert EVA <4.2.1 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities
124