Vulnerabilities > Inadequate Encryption Strength
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-45273 | Inadequate Encryption Strength vulnerability in multiple products An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. | 7.8 |
| 2024-10-03 | CVE-2024-41594 | Inadequate Encryption Strength vulnerability in Draytek products An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG of OpenSSL. | 7.5 |
| 2024-09-30 | CVE-2024-8455 | Inadequate Encryption Strength vulnerability in Planet products The swctrl service is used to detect and remotely manage PLANET Technology devices. | 5.9 |
| 2024-09-27 | CVE-2024-47182 | Inadequate Encryption Strength vulnerability in Amirraminfar Dozzle Dozzle is a realtime log viewer for docker containers. | 7.5 |
| 2024-09-25 | CVE-2024-22892 | Inadequate Encryption Strength vulnerability in Openslides 4.0.15 OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords. | 7.5 |
| 2024-08-28 | CVE-2021-38121 | Inadequate Encryption Strength vulnerability in Microfocus Netiq Advanced Authentication Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1 | 8.8 |
| 2024-08-13 | CVE-2024-41681 | Inadequate Encryption Strength vulnerability in Siemens Location Intelligence A vulnerability has been identified in Location Intelligence family (All versions < V4.4). | 7.5 |
| 2024-08-12 | CVE-2024-42163 | Inadequate Encryption Strength vulnerability in Fiware Keyrock Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to take over the account of any user by predicting the token for the password reset link. | 8.1 |
| 2024-08-02 | CVE-2024-40719 | Inadequate Encryption Strength vulnerability in Changingtec TCB Servisign The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign Windows Version is insufficient. | 6.5 |
| 2024-08-01 | CVE-2024-32758 | Inadequate Encryption Strength vulnerability in Johnsoncontrols Exacqvision Client and Exacqvision Server Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange | 7.5 |