CWE-335: CWE-335

Total CVEs: 10
Critical: 2
High: 6
Avg CVSS: 8.1

Yearly Trend

2025: 3
2024: 5
2022: 1
2021: 1

Top Affected Vendors

1 Fedoraproject 1
2 Gnu 1
3 Apache 1
4 Objectplanet 1
5 Piwigo 1
6 Qt 1
7 Keypair Project 1

All CWE-335 CVEs (10)

CVE-2024-36048 (CVSS 9.8, May 18, 2024)

This vulnerability in Qt Network Authorization's QAbstractOAuth uses only system time to seed the pseudo-random number generator (PRNG), making genera...

CVE-2023-4472 (CVSS 9.8, Feb 1, 2024)

CVE-2023-4472 is a critical authentication bypass vulnerability in Objectplanet Opinio survey software. It allows unauthenticated attackers to take ov...

CVE-2024-27632 (CVSS 8.8, Apr 8, 2024)

This vulnerability in GNU Savane allows remote attackers to escalate privileges by manipulating the form_id parameter in the form_header() function. A...

CVE-2021-41117 (CVSS 8.7, Oct 11, 2021)

The keypair library generates identical RSA keys due to flawed random number generation, particularly in Node.js environments. This allows attackers t...

CVE-2024-1579 (CVSS 8.1, Apr 29, 2024)

This vulnerability allows attackers to predict or manipulate session tokens due to improper seed usage in the pseudo-random number generator (PRNG) us...

CVE-2016-3735 (CVSS 8.1, Jan 28, 2022)

CVE-2016-3735 is a predictable password reset token vulnerability in Piwigo image gallery software. When certain criteria aren't met, Piwigo uses PHP'...

CVE-2025-27580 (CVSS 7.5, Apr 24, 2025)

This vulnerability in NIH BRICS allows unauthenticated users with a Common Access Card to generate predictable authentication tokens and escalate priv...

CVE-2025-24783 (CVSS 7.5, Jan 27, 2025)

This vulnerability allows attackers to guess continuation identifiers in Apache Cocoon due to insufficiently random seed values, potentially accessing...

CVE-2024-55566 (CVSS 6.6, Dec 9, 2024)

ColPack versions 1.0.10 through commit 9a7293a have a predictable temporary file vulnerability where temporary files are created in /tmp using unseede...

CVE-2025-52578 (CVSS 5.7, Nov 18, 2025)

This vulnerability involves incorrect seed usage in a pseudo-random number generator in Gallagher High Sec ELM devices, allowing attackers with physic...

About CWE-335 (CWE-335)

Our database tracks 10 CVEs classified as CWE-335, with 2 rated critical and 6 rated high severity. The average CVSS score for CWE-335 vulnerabilities is 8.1.
