Vulnerabilities > Cryptographic Issues

DATE CVE VULNERABILITY TITLE RISK
2019-09-18 CVE-2019-3739 Cryptographic Issues vulnerability in multiple products
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation.
network
low complexity
dell oracle CWE-310
6.5
2019-09-03 CVE-2019-14261 Cryptographic Issues vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01
An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices.
network
low complexity
abus CWE-310
5.0
2019-08-22 CVE-2019-9155 Cryptographic Issues vulnerability in Openpgpjs
A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who is able provide forged messages and gain feedback about whether decryption of these messages succeeded to conduct an invalid curve attack in order to gain the victim's ECDH private key.
network
openpgpjs CWE-310
4.3
2019-08-15 CVE-2018-14062 Cryptographic Issues vulnerability in Cospas-Sarsat System
The COSPAS-SARSAT protocol allows remote attackers to forge messages, replay encrypted messages, conduct denial of service attacks, and send private messages (unrelated to distress alerts) via a crafted 406 MHz digital signal.
network
low complexity
cospas-sarsat CWE-310
critical
9.4
2019-08-05 CVE-2019-5502 Cryptographic Issues vulnerability in Netapp Data Ontap
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
network
low complexity
netapp CWE-310
6.4
2019-08-02 CVE-2019-7886 Cryptographic Issues vulnerability in Magento
A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
network
low complexity
magento CWE-310
5.0
2019-08-02 CVE-2019-7860 Cryptographic Issues vulnerability in Magento
A cryptographically weak pseudo-rando number generator is used in multiple security relevant contexts in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
network
low complexity
magento CWE-310
5.0
2019-08-02 CVE-2019-7858 Cryptographic Issues vulnerability in Magento
A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2 resulted in storage of sensitive information with an algorithm that is insufficiently resistant to brute force attacks.
network
low complexity
magento CWE-310
5.0
2019-08-02 CVE-2019-7855 Cryptographic Issues vulnerability in Magento
A cryptograhic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card generation.
network
low complexity
magento CWE-310
5.0
2019-07-03 CVE-2019-6632 Cryptographic Issues vulnerability in F5 products
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness.
local
low complexity
f5 CWE-310
2.1