CWE-338 vulnerabilities

125 results
CVE-2021-3990 | MEDIUM | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in star7th/showdoc | EPSS 0.9%
CVE-2024-25389 | HIGH | RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed + 2531011L; return (seed >> 16) & 0x7FFF;" | EPSS 0.8%
CVE-2022-23472 | MEDIUM | Use of insecure random number generator in Passeo | EPSS 0.8%
CVE-2023-24828 | HIGH | Use of Cryptographically Weak Pseudo-Random Number Generator in Onedev | EPSS 0.7%
CVE-2023-2884 | CRITICAL | Insecure Randomness in CBOT's Chatbot | EPSS 0.7%
CVE-2022-44796 | CRITICAL | An issue was discovered in Object First Ootbi BETA build 1.0.7.712. The authorization service has a flow that allows getting access to the W | EPSS 0.7%
CVE-2022-45782 | HIGH | An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A cryptographically insecure random generation al | EPSS 0.6%
CVE-2025-3495 | CRITICAL | COMMGR - Insufficient Randomization Authentication Bypass | EPSS 0.6%
CVE-2025-59390 | CRITICAL | Apache Druid: Kerberos authentication chooses a cryptographically unsecure secret if not configured explicitly. | EPSS 0.6%
CVE-2025-22376 | MEDIUM | In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand | EPSS 0.6%
CVE-2025-40931 | CRITICAL | Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id | EPSS 0.6%
CVE-2026-5088 | HIGH | Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts | EPSS 0.6%
CVE-2024-34538 | HIGH | Mateso PasswordSafe through 8.13.9.26689 has Weak Cryptography. | EPSS 0.6%
CVE-2024-23660 | HIGH | The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and | EPSS 0.6%
CVE-2024-45751 | MEDIUM | tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thu | EPSS 0.5%
CVE-2023-32549 | MEDIUM | Landscape insecure token generation | EPSS 0.5%
CVE-2025-1796 | HIGH | Admin account takeover through weak Pseudo-Random number generator used in generating password reset codes in langgenius/dify | EPSS 0.5%
CVE-2023-28835 | LOW | Insecure randomness for default password in nextcloud | EPSS 0.5%
CVE-2026-3256 | CRITICAL | HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids | EPSS 0.5%
CVE-2025-15604 | CRITICAL | Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions | EPSS 0.5%