Vulnerabilities > Cryptographic Issues

DATE CVE VULNERABILITY TITLE RISK
2017-08-02 CVE-2016-7812 Cryptographic Issues vulnerability in Mufg Mitsubishi UFJ 5.2.2/5.3.1
The Bank of Tokyo-Mitsubishi UFJ, Ltd.
network
high complexity
mufg CWE-310
3.1
2017-07-27 CVE-2016-0736 Cryptographic Issues vulnerability in Apache Http Server
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption.
network
low complexity
apache CWE-310
7.5
2017-07-25 CVE-2015-8013 Cryptographic Issues vulnerability in Openpgpjs
s2k.js in OpenPGP.js will decrypt arbitrary messages regardless of passphrase for crafted PGP keys which allows remote attackers to bypass authentication if message decryption is used as an authentication mechanism via a crafted symmetrically encrypted PGP message.
network
low complexity
openpgpjs CWE-310
7.5
2017-06-08 CVE-2016-4457 Cryptographic Issues vulnerability in Redhat Cloudforms Management Engine 5.7
CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate.
network
low complexity
redhat CWE-310
7.5
2017-05-28 CVE-2016-10376 Cryptographic Issues vulnerability in Gajim
Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension.
network
low complexity
gajim CWE-310
4.5
2017-05-16 CVE-2015-9003 Cryptographic Issues vulnerability in Google Android
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel.
local
low complexity
google CWE-310
7.8
2017-04-02 CVE-2016-7585 Cryptographic Issues vulnerability in Apple mac OS X
An issue was discovered in certain Apple products.
low complexity
apple CWE-310
6.8
2017-03-29 CVE-2015-8234 Cryptographic Issues vulnerability in Openstack Glance 11.0.0
The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision.
local
low complexity
openstack CWE-310
5.5
2017-03-14 CVE-2015-8989 Cryptographic Issues vulnerability in Mcafee vulnerability Manager
Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute force attacks against the database.
network
low complexity
mcafee CWE-310
8.8
2017-02-21 CVE-2015-4056 Cryptographic Issues vulnerability in Dell VCE Vision Intelligent Operations 2.5/2.6/2.6.4
The System Library in VCE Vision Intelligent Operations before 2.6.5 does not properly implement cryptography, which makes it easier for local users to discover credentials by leveraging administrative access.
local
low complexity
dell CWE-310
6.7