The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
131 vulnerabilities with CWE-331
CVE-2014-0691
HIGH
Cisco WebEx Meetings Server <1.1 - Auth Bypass
CVSS 7.3
CVE-2013-2260
CRITICAL
Cryptocat <2.0.22 - Info Disclosure
CVSS 9.8
CVE-2012-4687
Post Oak AWAM Bluetooth Reader Traffic System - Insufficient Entropy in Private Key Generation
CVE-2008-1447
MEDIUM
BIND < 9.5.0-P1, 9.4.2-P1, 9.3.5-P1 - DNS Cache Poisoning via Insufficient Transaction ID and Source Port Entropy
CVSS 6.8
CVE-2008-2108
CRITICAL
PHP <4.4.8 & <5.2.5 - Info Disclosure
CVSS 9.8
CVE-2001-0950
HIGH
ValiCert EVA <4.2.1 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities
131