CWE-338
Medium likelihoodUse of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.
184 vulnerabilities with CWE-338
CVE-2024-56830
MEDIUM
Net::EasyTCP <0.27 - Info Disclosure
CVSS 5.4
CVE-2024-53702
MEDIUM
SonicWall SMA 200/210/400/410/500v < 10.2.1.14-75sv - Weak PRNG in SSLVPN Backup Code
CVSS 5.3
CVE-2024-7315
HIGH
WordPress Plugin <0.9.106 - Info Disclosure
CVSS 7.5
CVE-2024-47126
MEDIUM
goTenna Pro < 1.6.1 and < 2.0.3 - Use of Cryptographically Weak PRNG in Password Generation
CVSS 6.5
CVE-2024-45723
MEDIUM
goTenna Pro ATAK Plugin - Info Disclosure
CVSS 6.5
CVE-2024-45751
MEDIUM
tgt < 1.0.93 - Use of Cryptographically Weak PRNG via Unseeded rand
CVSS 5.9
CVE-2024-38353
MEDIUM
CodiMD < 2.5.4 - Unauthenticated Image Data Access via Insecure Filename Generation
CVSS 5.3
CVE-2024-29868
CRITICAL
Apache StreamPipes <0.95.0 - Info Disclosure
CVSS 9.1
CVE-2024-24554
HIGH
Bludit 3.14.0-3.14.9 - Unauthenticated Authentication Bypass via Predictable MD5 Token
CVSS 8.2
CVE-2024-5264
MEDIUM
Thales Luna EFT >=2.1 - Info Disclosure
CVSS 5.9
CVE-2024-4772
MEDIUM
Firefox < 126.0 - Predictable HTTP Digest Authentication Nonce via Weak PRNG
CVSS 5.9
CVE-2024-34538
HIGH
Mateso PasswordSafe <8.13.9.26689 - Info Disclosure
CVSS 7.5
CVE-2024-31497
MEDIUM
PuTTY 0.68-0.80 - Cryptographically Weak PRNG in ECDSA Nonce Generation
CVSS 5.9
CVE-2024-25389
HIGH
RT-Thread <= 5.0.2 - Use of Cryptographically Weak PRNG in calc_random
CVSS 7.5
CVE-2024-23660
HIGH
Binance Trust Wallet <0.0.4 - Info Disclosure
CVSS 7.5
CVE-2023-31305
LOW
AMD Radeon RX 6000 and PRO W6000 Series Graphics Cards - Information Disclosure via Weak IV in PMFW
CVSS 1.9
CVE-2023-50059
MEDIUM
Galxe platform 1.0 - Sensitive Information Exposure via Web3 Authentication
CVSS 5.3
CVE-2023-45237
MEDIUM
EDK2 < 202311 - Predictable TCP Initial Sequence Number in Network Package
CVSS 5.3
CVE-2023-45236
MEDIUM
EDK2 < 202311 - Predictable TCP Initial Sequence Number in Network Package
CVSS 5.8
CVE-2023-48224
HIGH
Fides < 2.24.0 - Predictable One-Time Code Generation via Weak PRNG
CVSS 8.2
CVE-2023-27791
HIGH
IXP Data Easy Install 6.6.148840 - Privilege Escalation
CVSS 8.1
CVE-2023-39910
HIGH
Libbitcoin Explorer <3.6.0 - Info Disclosure
CVSS 7.5
CVE-2023-36993
CRITICAL
TravianZ <8.3.4-8.3.3 - Info Disclosure
CVSS 9.8
CVE-2023-34363
MEDIUM
Progress DataDirect Connect for ODBC <08.02.2770 - Info Disclosure
CVSS 5.9
CVE-2023-32549
MEDIUM
Landscape < 19.10.5 - Use of Cryptographically Weak Pseudo-Random Number Generator
CVSS 6.8
Details
Vulnerabilities
184
Exploit Likelihood
Medium