Vulnerabilities > Inadequate Encryption Strength

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2021-40006 Inadequate Encryption Strength vulnerability in Huawei Harmonyos 2.0
The fingerprint module has a security risk of brute force cracking.
local
low complexity
huawei CWE-326
2.1
2022-01-06 CVE-2021-45458 Inadequate Encryption Strength vulnerability in Apache Kylin
Apache Kylin provides encryption classes PasswordPlaceholderConfigurer to help users encrypt their passwords.
network
low complexity
apache CWE-326
5.0
2022-01-05 CVE-2022-21653 Inadequate Encryption Strength vulnerability in Typelevel Jawn
Jawn is an open source JSON parser.
network
low complexity
typelevel CWE-326
5.0
2022-01-02 CVE-2021-36751 Inadequate Encryption Strength vulnerability in Encsecurity Datavault
ENC DataVault 7.1.1W uses an inappropriate encryption algorithm, such that an attacker (who does not know the secret key) can make ciphertext modifications that are reflected in modified plaintext.
network
low complexity
encsecurity CWE-326
6.4
2021-12-30 CVE-2021-20161 Inadequate Encryption Strength vulnerability in Trendnet Tew-827Dru Firmware 2.08B01
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART functionality.
local
low complexity
trendnet CWE-326
7.2
2021-12-27 CVE-2021-24998 Inadequate Encryption Strength vulnerability in Simple JWT Login Project Simple JWT Login
The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user accounts with a randomly generated password.
network
low complexity
simple-jwt-login-project CWE-326
5.0
2021-12-26 CVE-2021-45512 Inadequate Encryption Strength vulnerability in Netgear products
Certain NETGEAR devices are affected by weak cryptography.
network
low complexity
netgear CWE-326
7.5
2021-12-25 CVE-2021-45484 Inadequate Encryption Strength vulnerability in Netbsd
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
network
low complexity
netbsd CWE-326
5.0
2021-12-21 CVE-2021-36337 Inadequate Encryption Strength vulnerability in Dell Wyse Management Suite
Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising Confidentiality and Integrity of data.
network
dell CWE-326
5.8
2021-12-13 CVE-2021-38947 Inadequate Encryption Strength vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-326
5.0