Vulnerabilities > Inadequate Encryption Strength
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-01 | CVE-2024-32758 | Inadequate Encryption Strength vulnerability in Johnsoncontrols Exacqvision Client and Exacqvision Server Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange | 7.5 |
| 2024-07-26 | CVE-2024-37034 | Inadequate Encryption Strength vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. | 5.9 |
| 2024-06-06 | CVE-2024-36823 | Inadequate Encryption Strength vulnerability in Ninjaframework Ninja 7.0.0 The encrypt() function of Ninja Core v7.0.0 was discovered to use a weak cryptographic algorithm, leading to a possible leakage of sensitive information. | 7.5 |
| 2024-04-19 | CVE-2024-29969 | Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav 2.2.2/2.2.2A/2.3.0 When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082. | 7.5 |
| 2024-04-17 | CVE-2024-29951 | Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection. | 5.7 |
| 2024-04-17 | CVE-2024-29950 | Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash. The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack. | 5.9 |
| 2024-01-30 | CVE-2024-22894 | Inadequate Encryption Strength vulnerability in multiple products An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file. | 6.8 |
| 2024-01-25 | CVE-2024-23656 | Inadequate Encryption Strength vulnerability in Linuxfoundation DEX 2.37.0 Dex is an identity service that uses OpenID Connect to drive authentication for other apps. | 7.5 |
| 2024-01-23 | CVE-2023-7237 | Inadequate Encryption Strength vulnerability in Lantronix Xport Edge Firmware 2.0.0.13 Lantronix XPort sends weakly encoded credentials within web request headers. | 7.5 |
| 2023-12-05 | CVE-2023-26941 | Inadequate Encryption Strength vulnerability in Assaabloy Yale Conexis L1 Firmware 1.1.0 Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a cloned tag via physical proximity to the original. | 6.5 |