Vulnerabilities > Inadequate Encryption Strength

DATE CVE VULNERABILITY TITLE RISK
2024-01-30 CVE-2024-22894 Inadequate Encryption Strength vulnerability in multiple products
An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file.
low complexity
alpha-innotec novelan CWE-326
6.8
2024-01-25 CVE-2024-23656 Inadequate Encryption Strength vulnerability in Linuxfoundation DEX 2.37.0
Dex is an identity service that uses OpenID Connect to drive authentication for other apps.
network
low complexity
linuxfoundation CWE-326
7.5
2024-01-23 CVE-2023-7237 Inadequate Encryption Strength vulnerability in Lantronix Xport Edge Firmware 2.0.0.13
Lantronix XPort sends weakly encoded credentials within web request headers.
network
low complexity
lantronix CWE-326
7.5
2023-12-05 CVE-2023-26941 Inadequate Encryption Strength vulnerability in Assaabloy Yale Conexis L1 Firmware 1.1.0
Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a cloned tag via physical proximity to the original.
low complexity
assaabloy CWE-326
6.5
2023-12-05 CVE-2023-26942 Inadequate Encryption Strength vulnerability in Assaabloy Yale Ia-210 Firmware 1.0
Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a cloned tag via physical proximity to the original.
low complexity
assaabloy CWE-326
6.5
2023-12-05 CVE-2023-26943 Inadequate Encryption Strength vulnerability in Assaabloy Yale Keyless Smart Lock Firmware 1.0
Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows attackers to create a cloned tag via physical proximity to the original.
low complexity
assaabloy CWE-326
6.5
2023-12-01 CVE-2023-28896 Inadequate Encryption Strength vulnerability in Preh Mib3 Firmware
Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 (MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decoded by attackers with physical access to the vehicle. Vulnerability discovered on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.
low complexity
preh CWE-326
2.4
2023-11-27 CVE-2023-48034 Inadequate Encryption Strength vulnerability in Acer Sk-9662 Firmware
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption.
low complexity
acer CWE-326
6.1
2023-11-20 CVE-2023-48051 Inadequate Encryption Strength vulnerability in Carglglz Upydev 0.4.3
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding.
network
low complexity
carglglz CWE-326
7.5
2023-11-16 CVE-2023-43757 Inadequate Encryption Strength vulnerability in Elecom products
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD.
low complexity
elecom CWE-326
6.5