Vulnerabilities > Inadequate Encryption Strength
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-29 | CVE-2019-15806 | Inadequate Encryption Strength vulnerability in Commscope Tr4400 Firmware A1.00.004180301 CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/basic_sett.html. | 9.8 |
| 2019-08-29 | CVE-2019-15805 | Inadequate Encryption Strength vulnerability in Commscope Tr4400 Firmware A1.00.004180301 CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/login.html. | 9.8 |
| 2019-08-01 | CVE-2019-14332 | Inadequate Encryption Strength vulnerability in Dlink 6600-Ap Firmware and Dwl-3600Ap Firmware An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. | 7.8 |
| 2019-07-05 | CVE-2019-10639 | Inadequate Encryption Strength vulnerability in Linux Kernel The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. | 7.5 |
| 2019-07-05 | CVE-2019-10638 | Inadequate Encryption Strength vulnerability in Linux Kernel In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). | 6.5 |
| 2019-07-03 | CVE-2018-18325 | Inadequate Encryption Strength vulnerability in Dnnsoftware Dotnetnuke DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. | 7.5 |
| 2019-07-03 | CVE-2018-15811 | Inadequate Encryption Strength vulnerability in Dnnsoftware Dotnetnuke 9.2/9.2.0/9.2.1 DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters. | 7.5 |
| 2019-07-01 | CVE-2019-4102 | Inadequate Encryption Strength vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.9 |
| 2019-06-28 | CVE-2018-20810 | Inadequate Encryption Strength vulnerability in multiple products Session data between cluster nodes during cluster synchronization is not properly encrypted in Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. | 9.8 |
| 2019-06-25 | CVE-2019-4151 | Inadequate Encryption Strength vulnerability in IBM Security Access Manager IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.9 |