Vulnerabilities > Cryptographic Issues
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-07 | CVE-2019-10908 | Cryptographic Issues vulnerability in Airsonic Project Airsonic 10.2.1 In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang.RandomStringUtils, which uses java.util.Random internally. | 7.5 |
| 2019-03-28 | CVE-2019-10251 | Cryptographic Issues vulnerability in Ucweb UC Browser 13.0.8/20190326 The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain modules associated with PDF and Microsoft Office files (related to libpicsel), which allows MITM attacks. | 4.3 |
| 2019-03-28 | CVE-2019-10250 | Cryptographic Issues vulnerability in Ucweb UC Browser 7.0.185.1002 UCWeb UC Browser 7.0.185.1002 on Windows uses HTTP for downloading certain PDF modules, which allows MITM attacks. | 4.3 |
| 2019-03-12 | CVE-2019-5919 | Cryptographic Issues vulnerability in Nablarch Project Nablarch 5/5U1/5U13 An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors. | 6.4 |
| 2019-02-26 | CVE-2019-9191 | Cryptographic Issues vulnerability in Etsi Enterprise Transport Security The ETSI Enterprise Transport Security (ETS, formerly known as eTLS) protocol does not provide per-session forward secrecy. | 4.3 |
| 2019-02-26 | CVE-2019-6593 | Cryptographic Issues vulnerability in F5 products On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. | 4.3 |
| 2019-02-06 | CVE-2018-7839 | Cryptographic Issues vulnerability in Schneider-Electric Iiot Monitor 3.1.38 A Cryptographic Issue (CWE-310) vulnerability exists in IIoT Monitor 3.1.38 which could allow information disclosure. | 2.1 |
| 2019-01-18 | CVE-2017-18160 | Cryptographic Issues vulnerability in Qualcomm products AGPS session failure in GNSS module due to cyphersuites are hardcoded and needed manual update everytime in snapdragon mobile and snapdragon wear in versions MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 835, SD 845, SD 850 | 10.0 |
| 2019-01-03 | CVE-2018-16870 | Cryptographic Issues vulnerability in Wolfssl It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. | 4.3 |
| 2019-01-03 | CVE-2017-18327 | Cryptographic Issues vulnerability in Qualcomm products Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130. | 2.1 |