CWE-341
11 CVEs classified under CWE-341. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-1731 | Critical | 9.1 | 2020-03-02 | A flaw was found in all versions of the Keycloak operator, before version 8.0.2,(community only) where the operator generates a random admin password when inst… |
CVE-2026-42365 | High | 8.6 | 2026-05-04 | A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP reques… |
CVE-2025-40780 | High | 8.6 | 2025-10-22 | In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source po… |
CVE-2026-36609 | High | 7.3 | 2026-06-03 | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 uses a static authentication nonce that does not change between requests from the same source I… |
CVE-2020-5365 | Medium | 5.3 | 2020-05-20 | Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured support account, remotesupport, is bundled in the Dell EMC… |
CVE-2025-42925 | Medium | 4.3 | 2025-09-09 | Due to the lack of randomness in assigning Object Identifiers in the SAP NetWeaver AS JAVA IIOP service, an authenticated attacker with low privileges could pr… |
CVE-2024-10141 | Low | 3.7 | 2024-10-19 | A vulnerability, which was classified as problematic, was found in jsbroks COCO Annotator 0.11.1. This affects an unknown part of the component Session Handler… |
CVE-2021-4277 | Low | 2.6 | 2022-12-25 | A vulnerability, which was classified as problematic, has been found in fredsmith utils. This issue affects some unknown processing of the file screenshot_sync… |
CVE-2023-49259 | | 2024-01-12 | The authentication cookies are generated using an algorithm based on the username, hardcoded secret and the up-time, and can be guessed in a reasonable time. | |
CVE-2019-6563 | | 2019-03-05 | Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a… | |
CVE-2018-17917 | | 2018-10-10 | All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use MAC addresses to enumerate potential Cloud IDs. Using… |