Vulnerabilities > Cryptographic Issues

DATE CVE VULNERABILITY TITLE RISK
2016-12-13 CVE-2016-7438 Cryptographic Issues vulnerability in wolfSSL
The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.
local
low complexity
wolfssl CWE-310
5.5
2016-12-11 CVE-2016-9847 Cryptographic Issues vulnerability in phpMyAdmin
An issue was discovered in phpMyAdmin.
network
low complexity
phpmyadmin CWE-310
5.3
2016-11-30 CVE-2016-2953 Cryptographic Issues vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0
IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 does not require SSL, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.
network
high complexity
ibm CWE-310
3.7
2016-11-30 CVE-2016-2951 Cryptographic Issues vulnerability in IBM BigFix Remote Control 9.1.2
IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data.
network
high complexity
ibm CWE-310
3.7
2016-11-29 CVE-2016-8224 Cryptographic Issues vulnerability in Lenovo products
A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an attacker with administrative privileges on a system could install a program that circumvents Intel Management Engine (ME) protections.
local
low complexity
lenovo CWE-310
4.4
2016-10-05 CVE-2016-5084 Cryptographic Issues vulnerability in Animas OneTouch Ping Firmware
Johnson & Johnson Animas OneTouch Ping devices do not use encryption for certain data, which might allow remote attackers to obtain sensitive information by sniffing the network.
network
low complexity
animas CWE-310
7.5
2016-10-05 CVE-2016-6550 Cryptographic Issues vulnerability in BB&T The U 1.5.4
The U by BB&T app 1.5.4 and earlier for iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
low complexity
bb-t CWE-310
5.4
2016-09-26 CVE-2016-5957 Cryptographic Issues vulnerability in IBM Security Privileged Identity Manager Virtual Appliance 2.0/2.0.2
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive information by leveraging a weak algorithm.
network
low complexity
ibm CWE-310
7.5
2016-09-25 CVE-2016-4763 Cryptographic Issues vulnerability in Apple iTunes
WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
high complexity
apple CWE-310
6.8
2016-09-25 CVE-2016-4754 Cryptographic Issues vulnerability in Apple OS X Server
ServerDocs Server in Apple OS X Server before 5.2 supports the RC4 cipher, which might allow remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
network
low complexity
apple CWE-310
7.5