Falhas do tipo CWE-331
81 resultadosCVE-2024-36400CRITICALnano-id is unable to generate the correct character setEPSS 0.8%CVE-2023-46648HIGHInsufficient Entropy in GitHub Enterprise Server Management Console Invitation TokenEPSS 0.7%CVE-2024-3411CRITICALInsufficient Randomness When Validating an IPMI Authenticated SessionEPSS 0.7%CVE-2020-29505HIGHDell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key ManagemenEPSS 0.6%CVE-2024-8796MEDIUMInsufficient Default OTP Shared Secret LengthEPSS 0.6%CVE-2020-36925HIGHArteco Web Client DVR/NVR Session ID Brute Force Authentication BypassEPSS 0.6%CVE-2023-4344CRITICALBroadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connectionEPSS 0.6%CVE-2024-25407HIGHSteVe v3.6.0 was discovered to use predictable transaction ID's when receiving a StartTransaction request. This vulnerability can allow attaEPSS 0.6%CVE-2024-6508HIGHOpenshift-console: oauth2 insufficient state parameter entropyEPSS 0.6%CVE-2017-2625MEDIUMIt was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a locEPSS 0.5%CVE-2025-47781CRITICALRallly Insufficient Password Login Token Entropy Leads to Account TakeoverEPSS 0.5%CVE-2017-2626MEDIUMIt was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for sessEPSS 0.5%CVE-2025-54885MEDIUMThinbus generates insufficient entropy: 252 bits vs minimum 256 bitsEPSS 0.4%CVE-2025-67504CRITICALWBCE CMS has Weak Random Number Generator in Password Generation FunctionEPSS 0.4%CVE-2024-58134HIGHMojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by defaultEPSS 0.4%CVE-2026-46473HIGHAuthen::TOTP versions before 0.1.1 for Perl generate secrets using randEPSS 0.4%CVE-2023-36610MEDIUM
The affected TBox RTUs generate software security tokens using insufficient entropy. The random seed used to generate the software tokens EPSS 0.4%CVE-2025-52464CRITICALMeshtastic Repeated Public and Private KeypairsEPSS 0.4%CVE-2021-3505—A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with ~1984 bit strength due to a bug inEPSS 0.4%CVE-2025-66565CRITICALFiber Utils UUIDv4 and UUID Silent Fallback to Predictable ValuesEPSS 0.4%