CWE-330 · Use of Insufficiently Random Values
377 CVEs classified under CWE-330 (Use of Insufficiently Random Values).
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2023-22601 | Critical | 10.0 | 2023-01-12 | InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Us… |
| CVE-2021-40422 | Critical | 10.0 | 2022-04-14 | An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network re… |
| CVE-2026-25072 | Critical | 9.8 | 2026-03-07 | XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a predictable session identifier vulnerability in the /goform/SetLogin endpoint… |
| CVE-2026-27755 | Critical | 9.8 | 2026-02-27 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authentica… |
| CVE-2026-27637 | Critical | 9.8 | 2026-02-25 | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.206, FreeScout's `TokenAuth` middleware uses a predicta… |
| CVE-2025-64097 | Critical | 9.8 | 2026-01-22 | NervesHub is a web service that allows users to manage over-the-air (OTA) firmware updates of devices in the field. A vulnerability present starting in version… |
| CVE-2025-4607 | Critical | 9.8 | 2025-05-31 | The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.12 via the customer_r… |
| CVE-2024-36389 | Critical | 9.8 | 2024-06-02 | MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass |
| CVE-2020-27631 | Critical | 9.8 | 2023-10-10 | In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random. |
| CVE-2020-27630 | Critical | 9.8 | 2023-10-10 | In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random. |
| CVE-2023-39979 | Critical | 9.8 | 2023-09-02 | There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the… |
| CVE-2023-4344 | Critical | 9.8 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection |
| CVE-2023-2884 | Critical | 9.8 | 2023-05-25 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofin… |
| CVE-2022-46353 | Critical | 9.8 | 2022-12-13 | A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HS… |
| CVE-2022-44938 | Critical | 9.8 | 2022-12-08 | Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full account takeover via a brute force attack. |
| CVE-2022-36536 | Critical | 9.8 | 2022-09-16 | An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privil… |
| CVE-2022-25752 | Critical | 9.8 | 2022-04-12 | A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coa… |
| CVE-2021-36166 | Critical | 9.8 | 2022-03-01 | An improper authentication vulnerability in FortiMail before 7.0.1 may allow a remote attacker to efficiently guess one administrative account's authentication… |
| CVE-2022-22922 | Critical | 9.8 | 2022-02-18 | TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gai… |
| CVE-2021-36294 | Critical | 9.8 | 2022-01-25 | Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass vulnerability. A remote unauthenticated attacker may exploit this vulne… |