CWE-330— Use of Insufficiently Random Values

The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows remote attackers to read and modify data in the KeePass database via a WebSocket connection.

A flaw was found in all versions of the Keycloak operator, before version 8.0.2,(community only) where the operator generates a random admin password when installing Keycloak, however the password remains the same when deployed to the same…

An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1 in _fnet_dns_poll in fnet_dns.c). This significantly sim…

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth ta…

Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third party app chosen to open the file to guess the URIs for p…

Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those ag…

A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port rand…

cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).

An issue was discovered in Aviatrix Controller before R5.3.1151. An encrypted file containing credentials to unrelated systems is protected by a three-character key.

konzept-ix publiXone before 2020.015 allows attackers to download files by iterating over the IXCopy fileID parameter.

An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of …

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proxi…

A predictable device ID in BASETech GE-131 BT-1837836 firmware 20180921 allows unauthenticated remote attackers to connect to the device.

In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.

In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random.

In FNET 4.6.3, TCP ISNs are improperly random.

In Contiki 4.5, TCP ISNs are improperly random.

In PicoTCP 1.7.0, TCP ISNs are improperly random.

In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random.

libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a non-random/predictable session_id.

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability.

An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of c…

An issue was discovered in the nanorand crate before 0.5.1 for Rust. It caused any random number generator (even ChaCha) to return all zeroes because integer truncation was mishandled.

ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim, to access any version of any file by sending a request for a predictable ID number.

The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more predictable than necessary.

IBM Security Guardium 10.6 and 11.1 may use insufficiently random numbers or values in a security context that depends on unpredictable numbers. IBM X-Force ID: 174807.

Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured support account, remotesupport, is bundled in the Dell EMC Isilon OneFS installation. This account is used for diagnostics and other suppo…

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text en…

The WP Database Backup plugin through 5.5 for WordPress stores downloads by default locally in the directory wp-content/uploads/db-backup/. This might allow attackers to read ZIP archives by guessing random ID numbers, guessing date string…

A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorized users to login.

cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.

The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has an information-exposure issue. In the mobile app, an attempt to add an already-bound lock by its barcode reveals the email address of the account to wh…

The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers (after using root access to make a copy of the local database) to discover login credentials and voting history via an…

An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS (client), and BlaB! WS Pro (client) version 19.11 allows an attacker (with a guest or user session cookie) to escalate privileges by retrieving the cook…

Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packet to attack the device.

In onPackageModified of VoiceInteractionManagerService.java, there is a possible change of default applications due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges need…

In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Pat…

In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to track a device. This could lead to remote information disclosure to a proximal attacker, with no additional execution privileges needed. User in…

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectiv…

Anuko Time Tracker is an open source, web-based time tracking application written in PHP. In TimeTracker before version 1.19.24.5415 tokens used in password reset feature in Time Tracker are based on system time and, therefore, are predict…

Some ZTE products have CSRF vulnerability. Because some pages lack CSRF random value verification, attackers could perform illegal authorization operations by constructing messages.This affects: ZXHN H168N V3.5.0_EG1T5_TE, V2.5.5, ZXHN H10…

On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). This temporary location is not randomized an…

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. …

A bypass of adding remote files in Concrete CMS (previously concrete5) File Manager leads to remote code execution in Concrete CMS (concrete5) versions 8.5.6 and below.The external file upload feature stages files in the public directory e…

The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys.

The package otp-generator before 3.0.0 are vulnerable to Insecure Randomness due to insecure generation of random one-time passwords, which may allow a brute-force attack.

The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user accounts with a randomly generated password. The password is generated using the str_shuffle PHP function that "does not generate cryptographicall…

Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment.

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process.

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (A…