Vulnerabilities > Cryptographic Issues
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-03 | CVE-2018-16870 | Cryptographic Issues vulnerability in Wolfssl It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. | 5.9 |
| 2019-01-03 | CVE-2017-18327 | Cryptographic Issues vulnerability in Qualcomm products Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130. | 5.5 |
| 2018-12-13 | CVE-2017-1268 | Cryptographic Issues vulnerability in IBM Security Guardium IBM Security Guardium 10 and 10.5 uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not also use a salt as part of the input. | 7.5 |
| 2018-12-09 | CVE-2018-19653 | Cryptographic Issues vulnerability in Hashicorp Consul HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. | 5.9 |
| 2018-10-08 | CVE-2018-5402 | Cryptographic Issues vulnerability in Auto-Maskin products The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN Impact: An attacker once authenticated can change configurations, upload new configuration files, and upload executable code via file upload for firmware updates. | 8.8 |
| 2018-08-28 | CVE-2017-15423 | Cryptographic Issues vulnerability in multiple products Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic. | 5.3 |
| 2018-08-21 | CVE-2017-17305 | Cryptographic Issues vulnerability in Huawei products Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. | 5.9 |
| 2018-07-31 | CVE-2017-17174 | Cryptographic Issues vulnerability in Huawei products Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. | 5.9 |
| 2018-07-27 | CVE-2017-12151 | Cryptographic Issues vulnerability in multiple products A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. | 7.4 |
| 2018-07-26 | CVE-2017-7526 | Cryptographic Issues vulnerability in multiple products libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. | 6.8 |