Vulnerabilities > Inadequate Encryption Strength

DATE CVE VULNERABILITY TITLE RISK
2023-01-18 CVE-2022-38469 Inadequate Encryption Strength vulnerability in GE Proficy Historian
An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords.
network
low complexity
ge CWE-326
7.5
2023-01-05 CVE-2021-40341 Inadequate Encryption Strength vulnerability in Hitachienergy Foxman-Un and Unem
DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt user credentials used to access the Network Elements.
local
low complexity
hitachienergy CWE-326
5.5
2022-12-27 CVE-2022-2582 The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field.
network
low complexity
CWE-326
4.3
2022-12-26 CVE-2022-24116 Certain General Electric Renewable Energy products have inadequate encryption strength.
network
low complexity
CWE-326
critical
9.8
2022-12-22 CVE-2022-1520 When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status.
network
low complexity
CWE-326
4.3
2022-12-19 CVE-2022-38659 In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent.
local
low complexity
CWE-326
7.8
2022-12-08 CVE-2022-46825 Inadequate Encryption Strength vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects.
local
low complexity
jetbrains CWE-326
3.3
2022-12-02 CVE-2022-2640 Inadequate Encryption Strength vulnerability in Hornerautomation Rcc972 Firmware 15.40
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering.
network
low complexity
hornerautomation CWE-326
7.5
2022-11-15 CVE-2022-45379 Inadequate Encryption Strength vulnerability in Jenkins Script Security
Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.
network
low complexity
jenkins CWE-326
7.5
2022-11-01 CVE-2020-4099 Inadequate Encryption Strength vulnerability in Hcltech Verse 12.0.9
The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures.
network
low complexity
hcltech CWE-326
7.5