Vulnerabilities > Inadequate Encryption Strength
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-34113 | Inadequate Encryption Strength vulnerability in Adobe Coldfusion 2021/2023 ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords vulnerability that could result in a security feature bypass. | 5.5 |
| 2024-06-06 | CVE-2024-36823 | Inadequate Encryption Strength vulnerability in Ninjaframework Ninja 7.0.0 The encrypt() function of Ninja Core v7.0.0 was discovered to use a weak cryptographic algorithm, leading to a possible leakage of sensitive information. | 7.5 |
| 2024-04-19 | CVE-2022-40745 | Inadequate Encryption Strength vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. | 5.5 |
| 2024-04-19 | CVE-2023-37397 | Inadequate Encryption Strength vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. | 4.4 |
| 2024-03-22 | CVE-2022-32753 | Inadequate Encryption Strength vulnerability in IBM Security Verify Directory 10.0.0 IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 6.5 |
| 2024-01-30 | CVE-2024-22894 | Inadequate Encryption Strength vulnerability in multiple products An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file. | 6.8 |
| 2024-01-25 | CVE-2024-23656 | Inadequate Encryption Strength vulnerability in Linuxfoundation DEX 2.37.0 Dex is an identity service that uses OpenID Connect to drive authentication for other apps. | 7.5 |
| 2024-01-23 | CVE-2023-7237 | Inadequate Encryption Strength vulnerability in Lantronix Xport Edge Firmware 2.0.0.13 Lantronix XPort sends weakly encoded credentials within web request headers. | 7.5 |
| 2023-12-05 | CVE-2023-26941 | Inadequate Encryption Strength vulnerability in Assaabloy Yale Conexis L1 Firmware 1.1.0 Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a cloned tag via physical proximity to the original. | 6.5 |
| 2023-12-05 | CVE-2023-26942 | Inadequate Encryption Strength vulnerability in Assaabloy Yale Ia-210 Firmware 1.0 Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a cloned tag via physical proximity to the original. | 6.5 |