CVEs classified under CWE-332, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2018-9057 — CVSS 9.8 (critical): aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform Amazon Web Services (AWS) provider through v1.12.0 has an…
CVE-2016-10743 — CVSS 7.5 (high): hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.
CVE-2014-9690 — CVSS 7.5 (high): Huawei home gateways WS318 with software V100R001C01B022 and earlier versions are affected by the PIN offline brute force cracking…
CVE-2026-3290: Timing limitations of the HRNG in RS9116 when power save mode is enabled results in predictable values
CVE-2017-18486 — CVSS 7.2 (high): Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash…
CVE-2019-1715 — CVSS 5.3 (medium): A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco…
CVE-2014-0016 — CVSS 4.3 (medium): stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG)…
CVE-2017-9371 — CVSS 2.6 (low): In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default…