Vulnerabilities > Inadequate Encryption Strength

DATE CVE VULNERABILITY TITLE RISK
2024-01-30 CVE-2024-22894 Inadequate Encryption Strength vulnerability in multiple products
An issue in AIT-Deutschland Alpha Innotec Heatpumps wp2reg-V.3.88.0-9015 and Novelan Heatpumps wp2reg-V.3.88.0-9015, allows remote attackers to execute arbitrary code via the password component in the shadow file.
low complexity
alpha-innotec novelan CWE-326
6.8
2024-01-25 CVE-2024-23656 Inadequate Encryption Strength vulnerability in Linuxfoundation DEX 2.37.0
Dex is an identity service that uses OpenID Connect to drive authentication for other apps.
network
low complexity
linuxfoundation CWE-326
7.5
2024-01-23 CVE-2023-7237 Inadequate Encryption Strength vulnerability in Lantronix Xport Edge Firmware 2.0.0.13
Lantronix XPort sends weakly encoded credentials within web request headers.
network
low complexity
lantronix CWE-326
7.5
2023-12-05 CVE-2023-26941 Inadequate Encryption Strength vulnerability in Assaabloy Yale Conexis L1 Firmware 1.1.0
Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a cloned tag via physical proximity to the original.
low complexity
assaabloy CWE-326
6.5
2023-12-05 CVE-2023-26942 Inadequate Encryption Strength vulnerability in Assaabloy Yale Ia-210 Firmware 1.0
Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a cloned tag via physical proximity to the original.
low complexity
assaabloy CWE-326
6.5
2023-12-05 CVE-2023-26943 Inadequate Encryption Strength vulnerability in Assaabloy Yale Keyless Smart Lock Firmware 1.0
Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows attackers to create a cloned tag via physical proximity to the original.
low complexity
assaabloy CWE-326
6.5
2023-12-01 CVE-2023-28896 Inadequate Encryption Strength vulnerability in Preh Mib3 Firmware
Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 (MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decoded by attackers with physical access to the vehicle. Vulnerability discovered on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.
low complexity
preh CWE-326
2.4
2023-11-27 CVE-2023-48034 Inadequate Encryption Strength vulnerability in Acer Sk-9662 Firmware
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption.
low complexity
acer CWE-326
6.1
2023-11-20 CVE-2023-48051 Inadequate Encryption Strength vulnerability in Carglglz Upydev 0.4.3
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding.
network
low complexity
carglglz CWE-326
7.5
2023-11-16 CVE-2023-43757 Inadequate Encryption Strength vulnerability in Elecom products
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD.
low complexity
elecom CWE-326
6.5