CWE-338

Medium likelihood

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Parent: CWE-330 - Use of Insufficiently Random Values

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

171 vulnerabilities with CWE-338
CVE-2018-12885 MEDIUM
MyCryptoChamp - Info Disclosure
CVSS 5.9
CVE-2018-14715 HIGH
Cryptogs - Info Disclosure
CVSS 7.5
CVE-2018-12454 HIGH
Simplelottery - Info Disclosure
CVSS 7.5
CVE-2017-16028 MEDIUM
react-native-meteor-oauth - Info Disclosure
CVSS 5.3
CVE-2017-18021 CRITICAL
QtPass <1.2.1 - Info Disclosure
CVSS 9.8
CVE-2017-17845 HIGH
Enigmail <1.9.9 - Info Disclosure
CVSS 7.3
CVE-2017-11671 MEDIUM
GCC <5.5-6.4 - Info Disclosure
CVSS 4.0
CVE-2017-9230 HIGH
Bitcoin - Info Disclosure
CVSS 7.5
CVE-2017-8081 HIGH
Cagintranetworks Getsimple Cms - CSRF
CVSS 8.8
CVE-2017-5493 HIGH
WordPress <4.7.1 - Info Disclosure
CVSS 7.5
CVE-2015-9435 CRITICAL
WordPress oauth2-provider <3.1.5 - Info Disclosure
CVSS 9.8
CVE-2014-2362
OleumTech WIO DH2 - Info Disclosure
CVE-2013-20003 HIGH
Silabs Zgm130s037hgn Firmware - Broken Cryptographic Algorithm
CVSS 8.3
CVE-2012-6124 MEDIUM
Chicken <4.8.0 - Info Disclosure
CVSS 5.3
CVE-2011-4574 CRITICAL
PolarSSL <1.1 - Info Disclosure
CVSS 9.8
CVE-2009-3278 MEDIUM
QNAP TS-239 Pro/TS-639 Pro <3.1.1 - Info Disclosure
CVSS 5.5
CVE-2009-3238 MEDIUM
Linux kernel <2.6.30 - Info Disclosure
CVSS 5.5
CVE-2009-2367 CRITICAL
Iomega StorCenter Pro - Info Disclosure
CVSS 9.8
CVE-2008-3280 MEDIUM
OpenID Providers - Info Disclosure
CVSS 5.9
CVE-2008-0166 HIGH
OpenSSL <0.9.8g-9 - Info Disclosure
CVSS 7.5
CVE-2002-20002 MEDIUM
Net::EasyTCP <0.15 - Info Disclosure
CVSS 5.4
Details
Vulnerabilities 171
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits