VYPR

CWE-338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Abstraction: Base | Status: Draft | Likelihood of Exploit: Medium

Description

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (109)

page 3 of 6
  • CVE-2017-5493 | High | Jan 15, 2017
    risk 0.49 | cvss 7.5 | epss 0.03

    wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup.

  • CVE-2025-41731 | High | Nov 10, 2025
    risk 0.48 | cvss 7.4 | epss 0.00

    A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to…

  • CVE-2017-17845 | High | Dec 27, 2017
    risk 0.48 | cvss 7.3 | epss 0.02

    An issue was discovered in Enigmail before 1.9.9. Improper Random Secret Generation occurs because Math.Random() is used by pretty Easy privacy (pEp), aka TBE-01-001.

  • CVE-2025-26379 | High | Dec 22, 2025
    risk 0.47 | cvss n/a | epss 0.00

    Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets.

  • CVE-2026-25726 | High | Apr 3, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now().UnixNano() to generate critical security secrets, including the secret_key and hash_id_salt.…

  • CVE-2025-40915 | High | Jun 11, 2025
    risk 0.46 | cvss 7.0 | epss 0.00

    Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens. That version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand() function.

  • CVE-2026-46493 | High | Jun 5, 2026
    risk 0.42 | cvss 7.5 | epss 0.00

    HAX CMS helps manage a microsite universe with PHP or NodeJs backends. Versions prior to 26.0.1 use `uniqid` for generating salts, which is unsuitable. Version 26.0.1 fixes the issue.

  • CVE-2026-5084 | Medium | May 11, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    WebDyne::Session versions through 2.075 for Perl generate the session id insecurely. The session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function. The rand function is passed a maximum value based on the process id, the epoch…

  • CVE-2026-6659 | High | May 8, 2026
    risk 0.42 | cvss 7.5 | epss 0.00

    Crypt::PasswdMD5 versions through 1.42 for Perl generate insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography.

  • CVE-2026-41564 | High | Apr 23, 2026
    risk 0.42 | cvss 7.5 | epss 0.00

    CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it…

  • CVE-2025-40919 | Medium | Jul 16, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be…

  • CVE-2024-56370 | Medium | Apr 5, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    Net::Xero 0.044 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Net::Xero uses the Data::Random library which specifically states that it is "Useful mostly for test…

  • CVE-2018-25107 | High | Dec 29, 2024
    risk 0.42 | cvss 7.5 | epss 0.00

    The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits.

  • CVE-2018-5871 | Medium | Sep 20, 2018
    risk 0.42 | cvss 6.5 | epss 0.00

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630,…

  • CVE-2025-40923 | High | Jul 16, 2025
    risk 0.40 | cvss 7.3 | epss 0.00

    Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time…

  • CVE-2026-5080 | Medium | Apr 30, 2026
    risk 0.38 | cvss 5.9 | epss 0.00

    Dancer::Session::Abstract versions through 1.3522 for Perl generate session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand() function to return a…

  • CVE-2026-40514 | Medium | Apr 27, 2026
    risk 0.38 | cvss 5.9 | epss 0.00

    SmarterTools SmarterMail builds prior to 9610 contain a cryptographic weakness in the file and email sharing endpoints that use DES-CBC encryption with keys and initialization vectors derived from System.Random seeded with insufficient entropy, reducing the seed space to…

  • CVE-2018-12885 | Medium | Aug 7, 2018
    risk 0.38 | cvss 5.9 | epss 0.01

    The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game, generates a random value with publicly readable variables such as the current block information and a private variable (which can be read with a getStorageAt call). Therefore,…

  • CVE-2026-34871 | Medium | Apr 1, 2026
    risk 0.37 | cvss 6.7 | epss 0.00

    An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).

  • CVE-2009-3278 | Medium | Sep 21, 2009
    risk 0.36 | cvss 5.5 | epss 0.00

    The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the rand library function to generate a certain recovery key, which makes it easier for local users to determine this key via a brute-force attack.
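The pattern behind most of the entries on this page is the same: a general-purpose PRNG seeded from something an attacker can bound (the clock, the PID) is used to mint secrets, so anyone who can guess the seed window can regenerate every secret the process ever produced. The following Go program is an added example, not code from Cloudreve or any other project listed above. It mirrors the math/rand seeded with time.Now().UnixNano() pattern from CVE-2026-25726 and the "brute force within the generation timeframe" attack of CVE-2025-41731, then shows the crypto/rand replacement. The function names (weakSecrets, recoverSeed, strongSecret), the 16-byte secret length, the start time and the 10-microsecond search window are all constructed for illustration.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	mrand "math/rand"
	"time"
)

const secretLen = 16 // bytes per secret: 128 bits if the source were actually random

// weakSecrets reproduces the flawed pattern: one math/rand generator, seeded
// with a nanosecond timestamp, feeds every secret the application needs.
// Both outputs are a pure function of seed; nothing else enters the computation.
func weakSecrets(seed int64) (secretKey, hashIDSalt string) {
	r := mrand.New(mrand.NewSource(seed)) // deterministic for a given seed
	draw := func() string {
		b := make([]byte, secretLen)
		for i := range b {
			b[i] = byte(r.Intn(256))
		}
		return hex.EncodeToString(b)
	}
	secretKey = draw()
	hashIDSalt = draw()
	return secretKey, hashIDSalt
}

// recoverSeed plays the attacker who has obtained one derived value (here the
// salt) and can bound the instant the service started. It tries every
// candidate seed in [from, to] and returns the one that reproduces the
// observation; with the seed in hand, every other secret drawn from the same
// generator follows, including the never-disclosed secret_key.
func recoverSeed(observedSalt string, from, to int64) (int64, error) {
	for s := from; s <= to; s++ {
		if _, salt := weakSecrets(s); salt == observedSalt {
			return s, nil
		}
	}
	return 0, errors.New("seed not found in window")
}

// strongSecret is the fix: crypto/rand reads from the operating system's
// CSPRNG, so there is no seed to recover and no relation between outputs.
func strongSecret() (string, error) {
	b := make([]byte, secretLen)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return hex.EncodeToString(b), nil
}

func main() {
	// Constructed scenario (hypothetical, not a real deployment): the service
	// seeded math/rand at this instant. The attacker only knows the start time
	// to within 10 microseconds, i.e. 10,000 nanosecond seeds to try. Even a
	// one-second uncertainty is only 1e9 candidates: a finite offline search,
	// not a 128-bit guess.
	startedAt := time.Date(2026, 1, 15, 8, 30, 0, 123456789, time.UTC).UnixNano()
	realKey, leakedSalt := weakSecrets(startedAt)

	seed, err := recoverSeed(leakedSalt, startedAt-5000, startedAt+5000)
	if err != nil {
		fmt.Println("recovery failed:", err)
		return
	}
	recoveredKey, _ := weakSecrets(seed)
	fmt.Printf("recovered seed %d; secret_key reproduced: %v\n", seed, recoveredKey == realKey)

	k1, _ := strongSecret()
	k2, _ := strongSecret()
	fmt.Printf("crypto/rand secrets differ: %v\n", k1 != k2)
}
```

The point to carry away is that the seed, not the generator's output size, is the effective key length of anything built this way; nanosecond resolution on the timestamp does not help once the attacker has a log line, a certificate notBefore or an HTTP Date header that bounds the start time. The Perl entries above (rand() mixed with PID and epoch time, then hashed) fail for exactly the same reason: hashing a low-entropy input does not add entropy.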