Total
129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3278 | 1 Qnap | 4 Ts-239 Pro, Ts-239 Pro Firmware, Ts-639 Pro and 1 more | 2025-04-09 | 4.9 MEDIUM | 5.5 MEDIUM |
| The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the rand library function to generate a certain recovery key, which makes it easier for local users to determine this key via a brute-force attack. | |||||
| CVE-2024-57835 | 1 Nipotan | 1 Line Integration For Amon2 | 2025-04-08 | N/A | 5.5 MEDIUM |
| Amon2::Auth::Site::LINE uses the String::Random module to generate nonce values. String::Random defaults to Perl's built-in predictable random number generator, the rand() function, which is not cryptographically secure | |||||
| CVE-2024-56830 | 2025-04-08 | N/A | 5.4 MEDIUM | ||
| The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong randomization module is present. | |||||
| CVE-2025-1805 | 2025-04-03 | N/A | 5.3 MEDIUM | ||
| Crypt::Salt for Perl version 0.01 uses insecure rand() function when generating salts for cryptographic purposes. | |||||
| CVE-2024-4772 | 1 Mozilla | 1 Firefox | 2025-04-01 | N/A | 5.9 MEDIUM |
| An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126. | |||||
| CVE-2022-45782 | 1 Dotcms | 1 Dotcms | 2025-03-27 | N/A | 8.8 HIGH |
| An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A cryptographically insecure random generation algorithm for password-reset token generation leads to account takeover. | |||||
| CVE-2024-31497 | 6 Fedoraproject, Filezilla-project, Putty and 3 more | 6 Fedora, Filezilla Client, Putty and 3 more | 2025-03-27 | N/A | 5.9 MEDIUM |
| In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6. | |||||
| CVE-2022-0828 | 1 W3eden | 1 Download Manager | 2025-03-21 | 5.0 MEDIUM | 7.5 HIGH |
| The Download Manager WordPress plugin before 3.2.34 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the download. | |||||
| CVE-2023-45237 | 1 Tianocore | 1 Edk2 | 2025-02-13 | N/A | 5.3 MEDIUM |
| EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. | |||||
| CVE-2023-45236 | 1 Tianocore | 1 Edk2 | 2025-02-13 | N/A | 5.8 MEDIUM |
| EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. | |||||
| CVE-2023-31290 | 1 Trustwallet | 2 Trust Wallet Browser Extension, Trust Wallet Core | 2025-01-30 | N/A | 5.9 MEDIUM |
| Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input seed, resulting in only four billion possible mnemonics. The affected versions of the browser extension are 0.0.172 through 0.0.182. To steal funds efficiently, an attacker can identify all Ethereum addresses created since the 0.0.172 release, and check whether they are Ethereum addresses that could have been created by this extension. To respond to the risk, affected users need to upgrade the product version and also move funds to a new wallet address. | |||||
| CVE-2025-22376 | 2025-01-21 | N/A | 5.3 MEDIUM | ||
| In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong. | |||||
| CVE-2024-40762 | 2025-01-09 | N/A | 9.8 CRITICAL | ||
| Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass. | |||||
| CVE-2025-21617 | 2025-01-06 | N/A | N/A | ||
| Guzzle OAuth Subscriber signs Guzzle requests using OAuth 1.0. Prior to 0.8.1, Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source. This can leave servers vulnerable to replay attacks when TLS is not used. This vulnerability is fixed in 0.8.1. | |||||
| CVE-2022-48506 | 1 Dominionvoting | 1 Democracy Suite | 2025-01-02 | N/A | 2.4 LOW |
| A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of scenarios. This issue was observed for use of the following versions of Democracy Suite: 5.2, 5.4-NM, 5.5, 5.5-A, 5.5-B, 5.5-C, 5.5-D, 5.7-A, 5.10, 5.10A, 5.15. NOTE: the Democracy Suite 5.17 EAC Certificate of Conformance mentions "Improved pseudo random number algorithm," which may be relevant. | |||||
| CVE-2002-20002 | 2025-01-02 | N/A | 5.4 MEDIUM | ||
| The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand(), which is not a strong random number generator, for cryptographic keys. | |||||
| CVE-2018-25107 | 2024-12-31 | N/A | 7.5 HIGH | ||
| The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits. | |||||
| CVE-2024-53702 | 2024-12-05 | N/A | 5.3 MEDIUM | ||
| Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret. | |||||
| CVE-2024-45751 | 2024-11-30 | N/A | 5.9 MEDIUM | ||
| tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical. | |||||
| CVE-2024-5264 | 1 Thalesgroup | 1 Luna Eft | 2024-11-21 | N/A | 5.9 MEDIUM |
| Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis | |||||