VYPR

CWE-330

Use of Insufficiently Random Values

Class · Stable · Likelihood: High

Description

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

Related attack patterns (CAPEC)

CAPEC-112 · CAPEC-485 · CAPEC-59

CVEs mapped to this weakness (149)

  • CVE-2017-13082 · High · Oct 17, 2017
    risk 0.53 · cvss 8.1 · epss 0.05

    Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

  • CVE-2009-0255 · High · Jan 22, 2009
    risk 0.53 · cvss 7.5 · epss 0.09

    The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.

  • CVE-2026-40496 · Critical · Apr 21, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, attachment download tokens are generated using a weak and predictable formula: `md5(APP_KEY + attachment_id + size)`. Since attachment_id is sequential and size can be brute-forced in a small…

  • CVE-2009-2158 · High · Jun 22, 2009
    risk 0.52 · cvss 7.5 · epss 0.05

    account-recover.php in TorrentTrader Classic 1.09 chooses random passwords from an insufficiently large set, which makes it easier for remote attackers to obtain a password via a brute-force attack.

  • CVE-2008-0141 · High · Jan 8, 2008
    risk 0.52 · cvss 7.5 · epss 0.04

    actions.php in WebPortal CMS 0.6-beta generates predictable passwords containing only the time of day, which makes it easier for remote attackers to obtain access to any account via a lostpass action.

  • CVE-2018-15807 · High · Aug 23, 2018
    risk 0.51 · cvss 7.8 · epss 0.00

    POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker…

  • CVE-2017-17091 · High · Dec 2, 2017
    risk 0.51 · cvss 8.8 · epss 0.08

    wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.

  • CVE-2008-0087 · High · Apr 8, 2008
    risk 0.51 · cvss 7.5 · epss 0.31

    The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.

  • CVE-2026-41505 · High · May 7, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make_sign_in_key() function and exam.py's gen_ticket_code() function. This issue has been patched via commit 2f68e16.

  • CVE-2025-59371 · High · Nov 25, 2025
    risk 0.49 · cvss · epss 0.01

    An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer…

  • CVE-2024-41708 · High · Sep 25, 2024
    risk 0.49 · cvss 7.5 · epss 0.00

    An issue was discovered in AdaCore ada_web_services 20.0 that allows an attacker to escalate privileges and steal sessions via the Random_String() function in the src/core/aws-utils.adb module.

  • CVE-2017-10874 · High · Dec 1, 2017
    risk 0.49 · cvss 7.5 · epss 0.01

    PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks.

  • CVE-2017-0897 · High · Jun 22, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with weak entropy. Successfully guessing the token can lead to remote code execution.

  • CVE-2013-7463 · High · Apr 19, 2017
    risk 0.49 · cvss 7.5 · epss 0.01

    The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms via a chosen plaintext attack.

  • CVE-2016-10180 · High · Jan 30, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    An issue was discovered on the D-Link DWR-932B router. WPS PIN generation is based on srand(time(0)) seeding.

  • CVE-2016-5085 · High · Oct 5, 2016
    risk 0.49 · cvss 7.5 · epss 0.04

    Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which makes it easier for remote attackers to spoof meters by sniffing the network and then engaging in an authentication handshake.

  • CVE-2008-4929 · High · Nov 4, 2008
    risk 0.49 · cvss 7.5 · epss 0.02

    MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compose filenames of uploaded files used as attachments, which makes it easier for remote attackers to read these files by guessing filenames.

  • CVE-2008-4905 · High · Nov 4, 2008
    risk 0.49 · cvss 7.5 · epss 0.01

    Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack.

  • CVE-2008-2020 · High · Apr 30, 2008
    risk 0.49 · cvss 7.5 · epss 0.02

    The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Commerce-Suite (aka 123tkShop) 0.9.1, (3) phpMyBitTorrent 1.2.2, (4) TorrentFlux 2.3, (5) e107 0.7.11, (6) WebZE 0.5.9, (7) Open Media Collectors Database (aka OpenDb) 1.5.0b4, and…

  • CVE-2018-13280 · High · Jul 30, 2018
    risk 0.48 · cvss 7.4 · epss 0.01

    Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.