Vulnerabilities > Cryptographic Issues

DATE CVE VULNERABILITY TITLE RISK
2019-09-18 CVE-2019-3739 Cryptographic Issues vulnerability in multiple products
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation.
network
rsa dell CWE-310
4.3
2019-09-03 CVE-2019-14261 Cryptographic Issues vulnerability in Abus Secvest Wireless Alarm System Fuaa50000 Firmware 3.01.01
An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices.
network
low complexity
abus CWE-310
5.0
2019-08-22 CVE-2019-9155 Cryptographic Issues vulnerability in Openpgpjs
A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who is able provide forged messages and gain feedback about whether decryption of these messages succeeded to conduct an invalid curve attack in order to gain the victim's ECDH private key.
network
openpgpjs CWE-310
4.3
2019-08-15 CVE-2018-14062 Cryptographic Issues vulnerability in Cospas-Sarsat System
The COSPAS-SARSAT protocol allows remote attackers to forge messages, replay encrypted messages, conduct denial of service attacks, and send private messages (unrelated to distress alerts) via a crafted 406 MHz digital signal.
network
low complexity
cospas-sarsat CWE-310
critical
9.4
2019-08-07 CVE-2019-10099 Cryptographic Issues vulnerability in Apache Spark
Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true.
network
apache CWE-310
4.3
2019-08-07 CVE-2016-5431 Cryptographic Issues vulnerability in PHP Jose Project PHP Jose
The PHP JOSE Library by Gree Inc.
network
low complexity
php-jose-project CWE-310
5.0
2019-08-05 CVE-2019-5502 Cryptographic Issues vulnerability in Netapp Data Ontap
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
network
low complexity
netapp CWE-310
6.4
2019-08-02 CVE-2019-7886 Cryptographic Issues vulnerability in Magento
A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
network
low complexity
magento CWE-310
5.0
2019-08-02 CVE-2019-7860 Cryptographic Issues vulnerability in Magento
A cryptographically weak pseudo-rando number generator is used in multiple security relevant contexts in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
network
low complexity
magento CWE-310
5.0
2019-08-02 CVE-2019-7858 Cryptographic Issues vulnerability in Magento
A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2 resulted in storage of sensitive information with an algorithm that is insufficiently resistant to brute force attacks.
network
low complexity
magento CWE-310
5.0