CWE-330 flaws
148 results

CVE-2025-5136 | MEDIUM | Tmall Demo Payment Identifier pay random values | EPSS 0.5%
CVE-2023-46740 | MEDIUM | Insecure random string generator used for sensitive data | EPSS 0.4%
CVE-2024-28013 | MEDIUM | Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, | EPSS 0.4%
CVE-2020-10729 | — | A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal va | EPSS 0.4%
CVE-2022-26080 | MEDIUM | Easily guessable session ID's in NE843 Pulsar Plus Controller | EPSS 0.4%
CVE-2024-41708 | HIGH | An issue was discovered in AdaCore ada_web_services 20.0 allows an attacker to escalate privileges and steal sessions via the Random_String( | EPSS 0.4%
CVE-2025-64097 | CRITICAL | NervesHub has Insufficient Token Entropy that Allows Authentication Bypass via Brute Force | EPSS 0.4%
CVE-2024-6348 | MEDIUM | Predictable seed generation after ECU reset | EPSS 0.4%
CVE-2022-1615 | — | In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values. | EPSS 0.4%
CVE-2026-40496 | HIGH | FreeScout has Predictable Attachment Token that Allows Unauthenticated Private File Download via Brute Force | EPSS 0.4%
CVE-2026-27755 | CRITICAL | SODOLA SL902-SWTGW124AS <= 200.1.20 Predictable Session ID | EPSS 0.4%
CVE-2025-11707 | MEDIUM | Login Lockdown & Protection <= 2.14 - IP Block Bypass | EPSS 0.4%
CVE-2025-10671 | MEDIUM | youth-is-as-pale-as-poetry e-learning JWT Token JwtUtils.java encryptSecret random values | EPSS 0.4%
CVE-2023-22912 | MEDIUM | An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. CheckUser TokenManager in | EPSS 0.4%
CVE-2024-5149 | MEDIUM | BuddyForms <= 2.8.9 - Email Verification Bypass due to Insufficient Randomness | EPSS 0.4%
CVE-2024-35292 | HIGH | A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES | EPSS 0.4%
CVE-2026-2966 | MEDIUM | Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values | EPSS 0.4%
CVE-2024-42165 | MEDIUM | Arbitrary User Activation | EPSS 0.4%
CVE-2026-20101 | HIGH | A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an un | EPSS 0.4%
CVE-2021-37186 | — | A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versi | EPSS 0.3%