CWE-338
Medium likelihoodUse of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.
184 vulnerabilities with CWE-338
CVE-2023-2884
CRITICAL
CBOT Chatbot <4.0.3.4-4.0.3.7 - Signature Spoofing
CVSS 9.8
CVE-2023-31290
MEDIUM
Trust Wallet Core <3.1.1 - Info Disclosure
CVSS 5.9
CVE-2023-28835
LOW
Nextcloud <24.0.10-25.0.4 - Info Disclosure
CVSS 3.5
CVE-2023-28395
HIGH
Osprey Pump Controller <1.01 - Auth Bypass
CVSS 8.3
CVE-2023-24828
HIGH
Onedev <7.9.12 - Privilege Escalation
CVSS 8.1
CVE-2022-26943
HIGH
Motorola MTM5000 and MTM5400 Firmware - Cryptographically Weak PRNG in TETRA Authentication Challenge
CVSS 8.8
CVE-2022-48506
LOW
Dominion Voting Systems ImageCast - Info Disclosure
CVSS 2.4
CVE-2022-45782
HIGH
dotCMS core <5.3.8.15,22.10.1 - Info Disclosure
CVSS 8.8
CVE-2022-23472
MEDIUM
Passeo < 1.0.5 - Use of Cryptographically Weak PRNG
CVSS 5.9
CVE-2022-35255
CRITICAL
Node.js 15.0.0-15.13.0 and 16.13.0-16.17.0 - Weak Cryptographic Key Generation via WebCrypto EntropySource
CVSS 9.1
CVE-2022-44796
CRITICAL
Object First Ootbi <1.0.7.712 - Auth Bypass
CVSS 9.8
CVE-2022-41210
MEDIUM
SAP Customer Data Cloud Gigya mobile app for Android <7.4 - Info Di...
CVSS 5.2
CVE-2022-40769
HIGH
profanity < 1.60 - Use of Cryptographically Weak PRNG
CVSS 7.5
CVE-2022-36045
CRITICAL
NodeBB Forum Software - Info Disclosure
CVSS 9.0
CVE-2022-33738
HIGH
OpenVPN Access Server <2.11 - Info Disclosure
CVSS 7.5
CVE-2022-20817
HIGH
Cisco Unified IP Phones - Privilege Escalation
CVSS 7.4
CVE-2022-29245
MEDIUM
SSH.NET 2020.0.0-2020.0.1 - Info Disclosure
CVSS 6.5
CVE-2022-0828
HIGH
WordPress Plugin <3.2.34 - Code Injection
CVSS 7.5
CVE-2022-26779
HIGH
Apache CloudStack <4.16.1.0 - Info Disclosure
CVSS 7.5
CVE-2021-26091
HIGH
FortiMail <6.4.4/<6.2.7 - Info Disclosure
CVSS 7.5
CVE-2021-36171
HIGH
FortiPortal <6.0.6 - Info Disclosure
CVSS 8.1
CVE-2021-43799
HIGH
Zulip Server <4.9 - Info Disclosure
CVSS 8.6
CVE-2021-45489
HIGH
NetBSD < 9.2 - Weak PRNG in IPv6 Flow Label Generation
CVSS 7.5
CVE-2021-45484
HIGH
NetBSD < 9.2 - Weak IPv6 Fragment ID Generation
CVSS 7.5
CVE-2021-3990
MEDIUM
showdoc < 2.9.13 - Use of Cryptographically Weak Pseudo-Random Number Generator
CVSS 6.5
Details
Vulnerabilities
184
Exploit Likelihood
Medium