Vulnerabilities of type CWE-330

148 results
CVE-2023-2884 (CRITICAL, EPSS 0.7%): Insecure Randomness in CBOT's Chatbot
CVE-2024-21495 (MEDIUM, EPSS 0.7%): Versions of the package github.com/greenpau/caddy-security before 1.0.42 are vulnerable to Insecure Randomness due to using an insecure rand
CVE-2026-27637 (CRITICAL, EPSS 0.7%): FreeScout's Predictable Authentication Token Enables Account Takeover
CVE-2024-25943 (HIGH, EPSS 0.7%): iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulnera
CVE-2019-25089 (LOW, EPSS 0.6%): Morgawr Muon handler.clj random values
CVE-2024-20331 (MEDIUM, EPSS 0.6%): Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Authentication DoS Vulnerability
CVE-2018-13280 (HIGH, EPSS 0.6%): Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 all
CVE-2022-29035 (LOW, EPSS 0.6%): In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations
CVE-2024-52615 (MEDIUM, EPSS 0.6%): Avahi: avahi wide-area dns uses constant source port
CVE-2022-43501 (CRITICAL, EPSS 0.6%): KASAGO TCP/IP stack provided by Zuken Elmic generates ISNs(Initial Sequence Number) for TCP connections from an insufficiently random source
CVE-2023-22601 (CRITICAL, EPSS 0.6%): InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulner
CVE-2023-3803 (LOW, EPSS 0.5%): Chengdu Flash Flood Disaster Monitoring and Warning System File Name ImageStationDataService.asmx random values
CVE-2020-27264 (EPSS 0.5%): In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and A
CVE-2024-12432 (HIGH, EPSS 0.5%): WPC Shop as a Customer for WooCommerce <= 1.2.8 - Authentication Bypass Due to Insufficiently Unique Key
CVE-2022-44795 (MEDIUM, EPSS 0.5%): An issue was discovered in Object First Ootbi BETA build 1.0.7.712. A flaw was found in the Web Service, which could lead to local informati
CVE-2024-36389 (CRITICAL, EPSS 0.5%): MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values
CVE-2026-25072 (HIGH, EPSS 0.5%): XikeStor SKS8310-8X Predictable Session Identifiers
CVE-2022-43485 (MEDIUM, EPSS 0.5%): Insecure random number used for generating keys for signing Jwt tokens
CVE-2024-10082 (HIGH, EPSS 0.5%): CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication metho
CVE-2025-4607 (CRITICAL, EPSS 0.5%): PSW Front-end Login & Registration <= 1.12 - Insufficiently Random Values to Unauthenticated Account Takeover/Privilege Escalation via customer_registration Function