Vulnerabilities (CVE)

Filtered by CWE-338
Total 89 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-3278 1 Qnap 4 Ts-239 Pro, Ts-239 Pro Firmware, Ts-639 Pro and 1 more 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the rand library function to generate a certain recovery key, which makes it easier for local users to determine this key via a brute-force attack.
CVE-2009-3238 4 Canonical, Linux, Opensuse and 1 more 5 Ubuntu Linux, Linux Kernel, Opensuse and 2 more 2024-11-21 7.8 HIGH 5.5 MEDIUM
The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."
CVE-2009-2367 1 Iomega 2 Storcenter Pro, Storcenter Pro Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session_id parameter.
CVE-2008-0166 3 Canonical, Debian, Openssl 3 Ubuntu Linux, Debian Linux, Openssl 2024-11-21 7.8 HIGH 7.5 HIGH
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
CVE-2024-4772 2024-11-20 N/A 5.9 MEDIUM
An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126.
CVE-2023-31305 2024-11-06 N/A 1.9 LOW
Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure.
CVE-2023-50059 2024-11-04 N/A 5.3 MEDIUM
An issue ingalxe.com Galxe platform 1.0 allows a remote attacker to obtain sensitive information via the Web3 authentication process of Galxe, the signed message lacks a nonce (random number)
CVE-2024-47126 1 Gotenna 1 Gotenna Pro 2024-10-17 N/A 8.8 HIGH
The goTenna Pro App does not use SecureRandom when generating passwords for sharing cryptographic keys. The random function in use makes it easier for attackers to brute force this password if the broadcasted encryption key is captured over RF. This only applies to the optional broadcast of an encryption key, so it is advised to share the key with local QR code for higher security operations.
CVE-2024-45723 1 Gotenna 1 Gotenna 2024-10-17 N/A 6.5 MEDIUM
The goTenna Pro ATAK Plugin does not use SecureRandom when generating passwords for sharing cryptographic keys. The random function in use makes it easier for attackers to brute force this password if the broadcasted encryption key is captured over RF. This only applies to the optional broadcast of an encryption key, so it is advised to share the key with local QR code for higher security operations.
CVE-2021-3538 1 Satori 1 Uuid 2024-10-11 7.5 HIGH 9.8 CRITICAL
A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker.
CVE-2017-9230 1 Bitcoin 1 Bitcoin 2024-08-05 5.0 MEDIUM 7.5 HIGH
** DISPUTED ** The Bitcoin Proof-of-Work algorithm does not consider a certain attack methodology related to 80-byte block headers with a variety of initial 64-byte chunks followed by the same 16-byte chunk, multiple candidate root values ending with the same 4 bytes, and calculations involving sqrt numbers. This violates the security assumptions of (1) the choice of input, outside of the dedicated nonce area, fed into the Proof-of-Work function should not change its difficulty to evaluate and (2) every Proof-of-Work function execution should be independent. NOTE: a number of persons feel that this methodology is a benign mining optimization, not a vulnerability.
CVE-2024-38353 2024-07-11 N/A 5.3 MEDIUM
CodiMD allows realtime collaborative markdown notes on all platforms. CodiMD before 2.5.4 is missing authentication and access control vulnerability allowing an unauthenticated attacker to gain unauthorised access to image data uploaded to CodiMD. CodiMD does not require valid authentication to access uploaded images or to upload new image data. An attacker who can determine an uploaded image's URL can gain unauthorised access to uploaded image data. Due to the insecure random filename generation in the underlying Formidable library, an attacker can determine the filenames for previously uploaded images and the likelihood of this issue being exploited is increased. This vulnerability is fixed in 2.5.4.
CVE-2024-34538 2024-07-03 N/A 7.5 HIGH
Mateso PasswordSafe through 8.13.9.26689 has Weak Cryptography.
CVE-2024-29868 2024-07-03 N/A 9.1 CRITICAL
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Apache StreamPipes user self-registration and password recovery mechanism. This allows an attacker to guess the recovery token in a reasonable time and thereby to take over the attacked user's account. This issue affects Apache StreamPipes: from 0.69.0 through 0.93.0. Users are recommended to upgrade to version 0.95.0, which fixes the issue.
CVE-2024-25389 2024-07-03 N/A 7.5 HIGH
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed + 2531011L; return (seed >> 16) & 0x7FFF;" in calc_random in drivers/misc/rt_random.c.
CVE-2024-24554 2024-06-24 N/A N/A
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.
CVE-2024-5264 1 Thalesgroup 1 Luna Eft 2024-06-21 N/A 6.5 MEDIUM
Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis
CVE-2024-31497 6 Fedoraproject, Filezilla-project, Putty and 3 more 6 Fedora, Filezilla Client, Putty and 3 more 2024-06-20 N/A 5.9 MEDIUM
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.
CVE-2023-45237 1 Tianocore 1 Edk2 2024-03-07 N/A 7.5 HIGH
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.
CVE-2023-45236 1 Tianocore 1 Edk2 2024-03-07 N/A 7.5 HIGH
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.