CWE-338

CVE-2021-3990

February 23, 2023 by

showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

CVE-2021-37553

February 23, 2023 by

In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used.

CVE-2021-3678

February 23, 2023 by

showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

The use of a cryptographically weak pseudo-random number generator in the password reset feature of FortiPortal before 6.0.6 may allow a remote unauthenticated attacker to predict parts of or the whole newly generated password within a given time frame.

CVE-2021-3538

February 23, 2023 by

A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker.

CVE-2021-34600

February 23, 2023 by

Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation.