CWE-338

Medium likelihood

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Parent: CWE-330 - Use of Insufficiently Random Values

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

171 vulnerabilities with CWE-338
CVE-2022-36045 CRITICAL
NodeBB Forum Software - Info Disclosure
CVSS 9.0
CVE-2022-33738 HIGH
OpenVPN Access Server <2.11 - Info Disclosure
CVSS 7.5
CVE-2022-20817 HIGH
Cisco Unified IP Phones - Privilege Escalation
CVSS 7.4
CVE-2022-29245 MEDIUM
SSH.NET 2020.0.0-2020.0.1 - Info Disclosure
CVSS 6.5
CVE-2022-0828 HIGH
WordPress Plugin <3.2.34 - Code Injection
CVSS 7.5
CVE-2022-26779 HIGH
Apache CloudStack <4.16.1.0 - Info Disclosure
CVSS 7.5
CVE-2021-26091 HIGH
FortiMail <6.4.4/<6.2.7 - Info Disclosure
CVSS 7.5
CVE-2021-36171 HIGH
FortiPortal <6.0.6 - Info Disclosure
CVSS 8.1
CVE-2021-43799 HIGH
Zulip Server <4.9 - Info Disclosure
CVSS 8.6
CVE-2021-45489 HIGH
NetBSD <9.2 - Info Disclosure
CVSS 7.5
CVE-2021-45484 HIGH
NetBSD <9.2 - Info Disclosure
CVSS 7.5
CVE-2021-3990 MEDIUM
showdoc - Memory Corruption
CVSS 6.5
CVE-2021-22948 HIGH
revive-adserver <5.3.0 - Info Disclosure
CVSS 7.1
CVE-2021-27913 LOW
Mautic <3.3.4, <4.0.0 - Info Disclosure
CVSS 3.5
CVE-2021-3047 MEDIUM
Palo Alto Networks PAN-OS <8.1.19, <9.0.14, <9.1 - Privilege Escala...
CVSS 4.2
CVE-2021-37553 HIGH
JetBrains YouTrack <2021.2.16363 - Info Disclosure
CVSS 7.5
CVE-2021-3678 MEDIUM
showdoc - Memory Corruption
CVSS 5.9
CVE-2021-34430 HIGH
Eclipse Tinydtls < 0.8.2 - Weak Encryption
CVSS 7.5
CVE-2021-0131 MEDIUM
Intel Secl-dc < 3.3 - Information Disclosure
CVSS 6.5
CVE-2021-3538 CRITICAL
github.com/satori/go.uuid - Info Disclosure
CVSS 9.8
CVE-2021-29245 MEDIUM
BTCPay Server <1.0.7.0 - Info Disclosure
CVSS 5.3
CVE-2021-23126 MEDIUM
Joomla! <3.9.24 - Info Disclosure
CVSS 5.3
CVE-2020-28924 HIGH
Rclone <1.53.3 - Info Disclosure
CVSS 7.5
CVE-2020-28642 CRITICAL
InfiniteWP Admin Panel <3.1.12.3 - Info Disclosure
CVSS 9.8
CVE-2020-11616 HIGH
Intel Bmc Firmware < 3.38.30 - Information Disclosure
CVSS 7.5
Details
Vulnerabilities 171
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits