CWE-338
Medium likelihoodUse of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.
171 vulnerabilities with CWE-338
CVE-2025-21617
MEDIUM
Guzzle <0.8.1 - Info Disclosure
CVE-2025-22376
MEDIUM
Net::OAuth::Client <0.29 - Info Disclosure
CVSS 5.3
CVE-2024-57854
CRITICAL
Net::NSCA::Client <=0.009002 - Weak RNG
CVSS 9.1
CVE-2024-58041
CRITICAL
Smolder <=1.51 - Insecure Randomness
CVSS 9.1
CVE-2024-58040
CRITICAL
Crypt::RandomEncryption 0.01 - Insecure RNG
CVSS 9.1
CVE-2024-58135
MEDIUM
Mojolicious <7.28 - Info Disclosure
CVSS 5.3
CVE-2024-56370
MEDIUM
Net::Xero <0.044 - Info Disclosure
CVSS 6.5
CVE-2024-52322
MEDIUM
WebService::Xero <0.11 - Info Disclosure
CVSS 5.5
CVE-2024-58036
MEDIUM
Net::Dropbox::API <1.9 - Info Disclosure
CVSS 5.5
CVE-2024-57868
MEDIUM
Web::API <2.8 - Info Disclosure
CVSS 5.5
CVE-2024-57835
MEDIUM
Amon2::Auth::Site::LINE - Info Disclosure
CVSS 5.5
CVE-2024-40762
CRITICAL
SonicOS - Auth Bypass
CVSS 9.8
CVE-2024-56830
MEDIUM
Net::EasyTCP <0.27 - Info Disclosure
CVSS 5.4
CVE-2024-53702
MEDIUM
SonicWall SMA100 - Info Disclosure
CVSS 5.3
CVE-2024-7315
HIGH
WordPress Plugin <0.9.106 - Info Disclosure
CVSS 7.5
CVE-2024-47126
MEDIUM
goTenna Pro App - Info Disclosure
CVSS 6.5
CVE-2024-45723
MEDIUM
goTenna Pro ATAK Plugin - Info Disclosure
CVSS 6.5
CVE-2024-45751
MEDIUM
tgt <1.0.93 - Info Disclosure
CVSS 5.9
CVE-2024-38353
MEDIUM
CodiMD <2.5.4 - Info Disclosure
CVSS 5.3
CVE-2024-29868
CRITICAL
Apache StreamPipes <0.95.0 - Info Disclosure
CVSS 9.1
CVE-2024-24554
HIGH
Bludit - Auth Bypass
CVSS 8.2
CVE-2024-5264
MEDIUM
Thales Luna EFT >=2.1 - Info Disclosure
CVSS 5.9
CVE-2024-4772
MEDIUM
Firefox < 126 - Info Disclosure
CVSS 5.9
CVE-2024-34538
HIGH
Mateso PasswordSafe <8.13.9.26689 - Info Disclosure
CVSS 7.5
CVE-2024-31497
MEDIUM
PuTTY <0.81 - Info Disclosure
CVSS 5.9
Details
Vulnerabilities
171
Exploit Likelihood
Medium