Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-331

CWE-331

Insufficient Entropy

Parent: CWE-330 - Use of Insufficiently Random Values

The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

131 vulnerabilities with CWE-331

CVE-2019-10064 HIGH

hostapd < 2.6 - Insufficient Entropy in EAP Mode

CVE-2019-14317 MEDIUM

wolfSSL and wolfCrypt <4.1.0 - Info Disclosure

CVE-2019-15703 HIGH

Fortinet FortiOS <6.2.1 - Info Disclosure

CVE-2019-15847 HIGH

GCC < 10 - Insufficient Entropy in POWER9 __builtin_darn Intrinsic

CVE-2019-14806 HIGH

Pallets Werkzeug <0.15.3 - Info Disclosure

CVE-2019-9555 MEDIUM

Sagemcom F@st 5260 - Info Disclosure

CVE-2018-9426 HIGH

RSAKeyPairGenerator - Crypto Vulnerability

CVE-2018-18326 HIGH

DNN 9.2-9.2.2 - Info Disclosure

CVE-2018-15812 HIGH

DotNetNuke Cookie Deserialization Remote Code Excecution

CVE-2018-8435 MEDIUM

Windows Hyper-V - Privilege Escalation

CVE-2018-1000620 CRITICAL

Eran Hammer cryptiles <4.1.1 - Insufficient Entropy

CVE-2018-10240 HIGH

SolarWinds Serv-U MFT <15.1.6 HFv1 - Info Disclosure

CVE-2017-18883 CRITICAL

Mattermost Server <4.3.0-4.1.2 - Info Disclosure

CVE-2017-2626 MEDIUM

libICE < 1.0.9 - Session Hijacking via Weak Entropy in Key Generation

CVE-2017-2625 MEDIUM

libXdmcp < 1.1.2 - Session Key Brute Force via Weak Entropy

CVE-2017-13992 HIGH

LOYTEC LVIS-3ME < 6.2.0 - Insufficient Entropy in Web Interface Authentication

CVE-2017-6030 MEDIUM

Schneider Electric Modicon PLCs - Predictable Value Range

CVE-2017-0897 HIGH

ExpressionEngine <2.11.8, <3.5.5 - RCE

CVE-2016-2564 MEDIUM

Invision Power Services Community Suite <4.1.9 - Info Disclosure

CVE-2016-2858 MEDIUM

QEMU < 2.5.1.1 - Denial of Service via PRNG Entropy Request

CVE-2015-3006 MEDIUM

Juniper Junos on QFX3500 and QFX3600 - Insufficient Entropy in RANDOM_INTERRUPT Source

CVE-2015-8851 HIGH

node-uuid < 1.4.4 - Insufficient Entropy in GUID Generation

CVE-2015-7764 HIGH

Lemur < 0.1.5 - Insufficient Entropy in AES-CBC IV Generation

CVE-2015-3405 HIGH

ntp <4.2.8p2-RC2, <4.3.12 - Info Disclosure

CVE-2014-8422 HIGH

Unify OpenStage/OpenScape <R3.32.0 - Info Disclosure

Previous Page 5 of 6 Next

Details

Vulnerabilities 131

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy