VYPR

CWE-330

Use of Insufficiently Random Values

ClassStableLikelihood: High

Description

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-112 · CAPEC-485 · CAPEC-59

CVEs mapped to this weakness (149)

page 4 of 8
  • CVE-2025-22150MedJan 21, 2025
    risk 0.37cvss 6.8epss 0.01

    Undici is an HTTP/1.1 client. Starting in version 4.5.0 and prior to versions 5.28.5, 6.21.1, and 7.2.3, undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its…

  • CVE-2026-44054MedMay 21, 2026
    risk 0.35cvss 6.5epss 0.00

    Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism.

  • CVE-2026-40306MedApr 17, 2026
    risk 0.35cvss 6.5epss 0.00

    DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. All new installations of DNN 10.x.x - 10.2.1 have the same Host GUID. This does not affect upgrades from 9.x.x. Version 10.2.2 patches the issue.

  • CVE-2025-11723MedJan 6, 2026
    risk 0.35cvss 6.5epss 0.00

    The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.9.5 via the hash() function due to use of a hardcoded fall-back salt. This makes it…

  • CVE-2024-42475MedAug 15, 2024
    risk 0.35cvss 6.5epss 0.00

    In the OAuth library for nim prior to version 0.11, the `state` values generated by the `generateState` function do not have sufficient entropy. These can be successfully guessed by an attacker allowing them to perform a CSRF vs a user, associating the user's session with the…

  • CVE-2024-5149MedJun 5, 2024
    risk 0.35cvss 6.5epss 0.00

    The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification.

  • CVE-2021-22968Nov 19, 2021
    risk 0.35cvss 5.4epss 0.03

    A bypass of adding remote files in Concrete CMS (previously concrete5) File Manager leads to remote code execution in Concrete CMS (concrete5) versions 8.5.6 and below.The external file upload feature stages files in the public directory even if they have disallowed file…

  • CVE-2017-1000246MedNov 17, 2017
    risk 0.35cvss 5.3epss 0.01

    Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.

  • CVE-2017-13088MedOct 17, 2017
    risk 0.35cvss 5.3epss 0.02

    Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points…

  • CVE-2017-13087MedOct 17, 2017
    risk 0.35cvss 5.3epss 0.02

    Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

  • CVE-2017-13081MedOct 17, 2017
    risk 0.35cvss 5.3epss 0.02

    Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

  • CVE-2017-13080MedOct 17, 2017
    risk 0.35cvss 5.3epss 0.02

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

  • CVE-2017-13079MedOct 17, 2017
    risk 0.35cvss 5.3epss 0.02

    Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

  • CVE-2017-13078MedOct 17, 2017
    risk 0.35cvss 5.3epss 0.02

    Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

  • CVE-2015-9019MedApr 5, 2017
    risk 0.35cvss 5.3epss 0.02

    In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.

  • CVE-2025-11707MedDec 13, 2025
    risk 0.34cvss 5.3epss 0.00

    The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblock_key key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate…

  • CVE-2025-10745MedSep 26, 2025
    risk 0.34cvss 5.3epss 0.00

    The Banhammer – Monitor Site Traffic, Block Bad Users and Bots plugin for WordPress is vulnerable to Blocking Bypass in all versions up to, and including, 3.4.8. This is due to a site-wide “secret key” being deterministically generated from a constant character set using…

  • CVE-2024-52615MedNov 21, 2024
    risk 0.34cvss 5.3epss 0.01

    A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.

  • CVE-2026-50009MedJun 12, 2026
    risk 0.31cvss 4.8epss 0.00

    Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The…

  • CVE-2026-40975MedApr 28, 2026
    risk 0.31cvss 4.8epss 0.00

    Values produced by ${random.value} are not suitable for use as secrets. ${random.uuid} is not affected. ${random.int} and ${random.long} should never be used for secrets as they are numeric values with a predictable range. Affected: Spring Boot 4.0.0–4.0.5 (fix 4.0.6),…